securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale...
Submission: On May 15 via api (May 15th 2023, 2:12:31 am UTC) from TR — Scanned from DE

Summary HTTP 267 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 9 countries across 37 domains to perform 267 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 556837.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2023. Valid for: 3 months.

This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2606:4700:303... 2606:4700:3031::6815:90b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.51 13.32.99.51	16509 (AMAZON-02) (AMAZON-02)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
32	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	3.66.128.19 3.66.128.19	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
7 33	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 6	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
4 4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5 5	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 4	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 4	3.122.133.176 3.122.133.176	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	3.65.121.173 3.65.121.173	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.5.255 3.127.5.255	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	141.101.90.97 141.101.90.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
267	36

43 2606:4700:3031::6815:90b (United States)

ASN13335 (CLOUDFLARENET, US)

securityaffairs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.128.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-128-19.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.184.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:18ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.237 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.217.42 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.122.133.176 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-133-176.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.121.173 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-121-173.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.5.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-5-255.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.97 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	1007 KB
60	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	277 KB
43	securityaffairs.com securityaffairs.com — Cisco Umbrella Rank: 556837	561 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	220 KB
12	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 83 region1.analytics.google.com — Cisco Umbrella Rank: 4217 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	wp.com i0.wp.com — Cisco Umbrella Rank: 3706 stats.wp.com — Cisco Umbrella Rank: 3022 pixel.wp.com — Cisco Umbrella Rank: 2761	149 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	568 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	6 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	367 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 2073	3 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 585	4 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	4 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 848	3 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1347	920 B
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com — Cisco Umbrella Rank: 3697	2 KB
4	travelaudience.com 4 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6378	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7680 www.google.de — Cisco Umbrella Rank: 5171	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	203 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4850 buttons-config.sharethis.com — Cisco Umbrella Rank: 5781 l.sharethis.com — Cisco Umbrella Rank: 4920	46 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4482	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	529 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 792	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 682	823 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	207 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 740	792 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 57415	608 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 798	339 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2107	173 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1307	245 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1220	213 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581	586 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	54 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	610 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2127	1 KB
267	37

	Domain	Requested by
43	securityaffairs.com	securityaffairs.com
39	pagead2.googlesyndication.com	securityaffairs.com pagead2.googlesyndication.com tpc.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net s0.2mdn.net
37	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
33	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
10	s0.2mdn.net	securityaffairs.com s0.2mdn.net
9	i0.wp.com	securityaffairs.com
8	www.google.com	4 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	securityaffairs.com googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
5	c1.adform.net	5 redirects
4	pm.w55c.net	4 redirects
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	ads.travelaudience.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	s.tribalfusion.com
3	a.tribalfusion.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.googletagmanager.com	securityaffairs.com www.googletagmanager.com
2	ads.creative-serving.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	securityaffairs.com
2	um.simpli.fi	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
1	portal.o2online.de
1	onetag-sys.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	securityaffairs.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	securityaffairs.com
1	secure.gravatar.com	securityaffairs.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.com
1	platform-api.sharethis.com	securityaffairs.com
267	52

This site contains links to these domains. Also see Links.

Domain
cybernews.com
docs.google.com
twitter.com
www.facebook.com
infosec.exchange
www.linkedin.com
securityaffairs.co
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
securityaffairs.com GTS CA 1P5	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.portal.o2online.de R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Frame ID: 39A619B62C730D0AF7E1C57D00034CF3
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 809FF59E1E0376DD8F49D273E93F7300
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1684116745&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116744874&bpp=256&bdt=164&idt=462&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6680538883783&frm=20&pv=2&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=484
Frame ID: F11680E585E73605F6350EEEAB3D5963
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14
Frame ID: 4419945F5269610DF78790EBA8BC531A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41
Frame ID: E6D584EC0100DB65E51173F3D05905FB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47
Frame ID: CA9B09AE8C49E8C83BBF3E6678C47145
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
Frame ID: 9C5483849F0B7181FD87EFCC46CB8A7F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12
Frame ID: 834F93D062E8540EE45757C2BC4C390A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: B1AEF1D3EB351C404CDE7B7D173B2B53
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: AF5F0A72A74AB5252F0C2E4438FFFA81
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D3C3BAEA8CE7D521DDE08DC724FF98A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11F0DAD3E165E85BC57A58F4DC949292
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019
Frame ID: FB2229B415449FD4F5B04A3187FF5E99
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 75AF312E56351828D7B42874A1054752
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: D5F0EDC4791875BF5343305D9C7639D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjM8_zbATAB&v=APEucNWLpigbh5LUQPo6o97MPYcVdiOKjV6rrZNCUBgss2gRR9nkAj41kGCkc_7sdBpHmn2oR0KrgkXjoHMQ_x8jFiT8mwrZQERLMIy6gYpXwsImuFC6HS3PDDpAEfzQtc9ahWm9O88EQ5mCkFSnjbzniAnU5_0TX7B4cW122YT0ebFZ2aNfkWw
Frame ID: 4863145C705BA887309049478DB52903
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 9479DF845BD3D051371B983D2F5E9482
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 202421D384479CF7E05479FD2274C6DB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8936CFA51F19110CC1608307DCBEA380
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E054526CD7C80D0DD080DFA518161F39
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C52C02EC96B33CF6E407B0D9B09BD90
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9644E698611A9AF196227BAAD379B365
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 50F179F8DEE31693187F73A8FCFF587D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CF4B72954304011FE99E9D5DA9892EE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D82E324E994C2016DA52D76A692B7EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: C829BE47A33BBAF80878B67EB36BCF22
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 4EC67AC9632D6377820C25A08AE5DA87
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
Frame ID: 63E60EEA4A596FFD7C340CD193F4D684
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 81763A124B078B64F033768B15C826F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4EBD5B2B411F21720393D200DE5153FA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: DC4BAA029099EBD2EBCDB7DB50C97699
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 2D77FAF341091D9DD1FC487387075B18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal info of 90k hikers leaked by French tourism company La Malle PostaleSecurity Affairs

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

267
Requests

88 %
HTTPS

47 %
IPv6

37
Domains

52
Subdomains

36
IPs

9
Countries

3423 kB
Transfer

7291 kB
Size

36
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cybernews.com/security/la-malle-postale-data-leak/
Title: https://cybernews.com/security/la-malle-postale-data-leak/

Search URL Search Domain Scan URL

URL: https://cybernews.com/author/paulinaokunyte/
Title: Paulina Okunytė

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform
Title: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

Search URL Search Domain Scan URL

URL: https://twitter.com/securityaffairs
Title: @securityaffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sec.affairs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@securityaffairs
Title: Mastodon

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/
Title: SecurityAffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&media=https%3A%2F%2Fsecurityaffairs.com%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/70429/deep-web/deep-web-book.html

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/112244/breaking-news/security-affairs-newsletter-is-back.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/132506/breaking-news/securityaffairs-best-european-cybersecurity-blog-2022.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOyeRJMWKZUX7osgVRvuD80&google_cver=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJlwVTY-G9fdgAxgkHZwBc&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELZytDC4aJS0MkPSRb5-Hic&google_cver=1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkxODAwOTM2MDEyOTc3Mjk3MA%3D%3D

Request Chain 198

https://a.tribalfusion.com/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMa89NU_kyE8gQBugrFTro8&google_cver=1&google_push=ATf1kGP6NPwxkwmLJrn9qE0VUVGujSpVZGQM4fbnIxzHCqhXWhdVIG47JdptkRlXzmmh3XIsAclGDFAqIbYeXpuRniAa77d2KbIkwIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMa89NU_kyE8gQBugrFTro8&google_push=ATf1kGP6NPwxkwmLJrn9qE0VUVGujSpVZGQM4fbnIxzHCqhXWhdVIG47JdptkRlXzmmh3XIsAclGDFAqIbYeXpuRniAa77d2KbIkwIQ

Request Chain 200

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPssCL3mQVd0-2M9xHdCWts&google_cver=1&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y0u6zDZ3u8n2mkbM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fE1thlSQR4e9hU7WygO6lA2&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y0u6zDZ3u8n2mkbM

Request Chain 201

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOi_2jQDKKQa25iKs64GH1o&google_cver=1&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd70BxgIf3hNQXeTEwdvUsbVTc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOi_2jQDKKQa25iKs64GH1o&google_cver=1&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd70BxgIf3hNQXeTEwdvUsbVTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MDk2OTQ0MDY2OTY5MTAzMQ&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd70BxgIf3hNQXeTEwdvUsbVTc

Request Chain 202

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_cver=1&google_push=ATf1kGONG2KSpaLzJgxwM22o_DkI6SCB9e0KbRfYD_DdK2EwPU2Rr2jsQ3EABZxZEXz6vSKeKg9wIUscnVvOmcy_RYwAfgk1bgtZjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAACHYAAAIB&google_nid=index&google_push=ATf1kGONG2KSpaLzJgxwM22o_DkI6SCB9e0KbRfYD_DdK2EwPU2Rr2jsQ3EABZxZEXz6vSKeKg9wIUscnVvOmcy_RYwAfgk1bgtZjA

Request Chain 207

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFf_b5vNsTtcamyl3dma40o&google_cver=1&google_push=ATf1kGPMbU09AxqhHdfZDrl_NmoJrtgdL4ZXYhvuDLATTUQXjXLboqcZ3HEOIS4fQ6kXH6jVahI1gVhNC7XqNsgFJHnukx6x-PhZtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyOTY0NDU0MjE3OTMxNjA3NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1

Request Chain 208

https://um.simpli.fi/gp_match?google_gid=CAESEF2fvSce_XoDzHdLqQp-bA0&google_cver=1&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf3VNSc07UDUKz_Mtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf3VNSc07UDUKz_Mtg

Request Chain 209

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOgU_kcLZHnNIJpZT6EoRWs&google_cver=1&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv83vppjXbXjvGOJwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMzIyNjM0NjczMjA1ODc2NA%3D%3D&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv83vppjXbXjvGOJwA

Request Chain 210

https://ads.travelaudience.com/google_pixel?google_gid=CAESELqGD2Gb4FAIHYQTx-YfzjE&google_cver=1&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00YxXYgYicpTgkxA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00YxXYgYicpTgkxA

Request Chain 213

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK0rKfmtvILw6ppbOE9XTro&google_cver=1&google_push=ATf1kGPSfRfFk6DjIC1nksNAQk85GBL5BtJlj5NtXwDPVEnABcw-eGZyRh2ymbOlmmNCfupHbe54l3zM-FuH36Dmsm8TyeMs-2v--n_E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPSfRfFk6DjIC1nksNAQk85GBL5BtJlj5NtXwDPVEnABcw-eGZyRh2ymbOlmmNCfupHbe54l3zM-FuH36Dmsm8TyeMs-2v--n_E HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 219

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 227

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB8uw-tDFFgZwR3j_j0h1-U&google_cver=1&google_push=ATf1kGPXQ9i9c2oWk9QflwPC_dXTHGleLg-2l8iinPrHe2NBXAgaFXHNtnw1z77ZPFte0z3uTZZ5cSRE7rM-IzImeGxaTEVBmh8YhNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDYwMTcwMjEzNjIxNzI0NDAxMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1

Request Chain 228

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj7UZcWEMX2hMG95vmhuQvvl_iegVrfp4PoqeujXa3Zn7B59xgLdzPROR0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj7UZcWEMX2hMG95vmhuQvvl_iegVrfp4PoqeujXa3Zn7B59xgLdzPROR0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj7UZcWEMX2hMG95vmhuQvvl_iegVrfp4PoqeujXa3Zn7B59xgLdzPROR0

Request Chain 229

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 230

https://um.simpli.fi/gp_match?google_gid=CAESEJNRQXufpRY0WAxuSytefm0&google_cver=1&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4lhbQ-Y2dUyD0ACIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4lhbQ-Y2dUyD0ACIA

Request Chain 232

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIzlXkqc54QRtPk6mg1PHM4&google_cver=1&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN9s_2nqZeuTJN-xw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN9s_2nqZeuTJN-xw

Request Chain 233

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIS-qan0y15kF7R9bCm19UI&google_cver=1&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdAMbQ5wg0JWDHkBmUIZ4KDxdhhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdAMbQ5wg0JWDHkBmUIZ4KDxdhhg

Request Chain 236

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJYU0pZBT6mNUleHMpdI4uk&google_cver=1&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK30N-vy4afHOAE0f8u_WdrzCHscmUSjv1EyxOm0S1mu HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK30N-vy4afHOAE0f8u_WdrzCHscmUSjv1EyxOm0S1mu&google_hm=k-LnI3tl4lZ998tuQnWohA

Request Chain 238

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlcok-Jm_wYjx37-hQ9r4nOYLSOOJhOlvKeMNtxIuFHdyb7_ynpHbAlJFsw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlcok-Jm_wYjx37-hQ9r4nOYLSOOJhOlvKeMNtxIuFHdyb7_ynpHbAlJFsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlcok-Jm_wYjx37-hQ9r4nOYLSOOJhOlvKeMNtxIuFHdyb7_ynpHbAlJFsw

Request Chain 239

https://a.tribalfusion.com/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 241

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG81uvqWvL5udiczym75pT8&google_cver=1&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDjb78g9sU-c2f1HOUQEhnDQkpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM0ODQxNDExMTI0NTIwODkzNg&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDjb78g9sU-c2f1HOUQEhnDQkpA

Request Chain 242

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDfS6D3vbBBEMro3RK6wYcI&google_cver=1&google_push=ATf1kGMmlSRRafxLZtxToX7F96Y5K-W1c0uphRePGwafumSbtWFSiKGG28JjgbC6OQOqpi59kzKMnjPBSWo87_jPmN3vqSt7K39AtQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDfS6D3vbBBEMro3RK6wYcI&google_cver=1&google_push=ATf1kGMmlSRRafxLZtxToX7F96Y5K-W1c0uphRePGwafumSbtWFSiKGG28JjgbC6OQOqpi59kzKMnjPBSWo87_jPmN3vqSt7K39AtQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OomMlZHnTkSY0cs74E_t7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMmlSRRafxLZtxToX7F96Y5K-W1c0uphRePGwafumSbtWFSiKGG28JjgbC6OQOqpi59kzKMnjPBSWo87_jPmN3vqSt7K39AtQ

Request Chain 244

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECVl_iCOtf59IbEPWrQ7w7M&google_cver=1&google_push=ATf1kGNLfgr4uSgcu2JH7Lq_A7m6bQWmAs11-opuP6_SzeHX14IH7FjEFW5zyeu8Nk-JgOOed0IhfNni2fkok7y6pNNmzT60TCVZlko HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdHVkN3QUtGcDlDcXdBOQ==&google_gid=CAESECVl_iCOtf59IbEPWrQ7w7M&google_cver=1&google_push=ATf1kGNLfgr4uSgcu2JH7Lq_A7m6bQWmAs11-opuP6_SzeHX14IH7FjEFW5zyeu8Nk-JgOOed0IhfNni2fkok7y6pNNmzT60TCVZlko

Request Chain 246

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGxVw6ZEocJRB7hQKqrVcgA&google_cver=1&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGmp0IOas4S4ufCgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGmp0IOas4S4ufCgA

Request Chain 247

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEZXZrbTwpx_3a2TCeAPgwI&google_cver=1&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEZXZrbTwpx_3a2TCeAPgwI&google_cver=1&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ce4c5967-36b7-47e7-a889-29af3c50b0cb&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ce4c5967-36b7-47e7-a889-29af3c50b0cb&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=9153499a-6cee-4dcb-ab11-16dc9f196f04&ssp=google&expires=30&user_group=5&bsw_param=ce4c5967-36b7-47e7-a889-29af3c50b0cb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA&google_hm=zkxZZza3R-eoiSmvPFCwyw==

Request Chain 248

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL4qqZ0Au3lPaqze87qDKs4&google_cver=1&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn0hTQpBMYfjF7_VRXo1Negc8Q8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn0hTQpBMYfjF7_VRXo1Negc8Q8

Request Chain 249

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5flT58uG1hyM3o_z1Plaw&google_cver=1&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN_OVAfKLvRV9jHP6FK3o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN_OVAfKLvRV9jHP6FK3o

Request Chain 250

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED_1IxGbbkmr3dETw7Of2UI&google_cver=1&google_push=ATf1kGMUh0iKsUtLVm_MGzKeR0BRnSCTWG6MJc6coKCBw3KvOHsIeWyuBs4KuldPkjwEdAX1D6H2JvBno7WcKInEthJ7E4A9lFpN8-pd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMUh0iKsUtLVm_MGzKeR0BRnSCTWG6MJc6coKCBw3KvOHsIeWyuBs4KuldPkjwEdAX1D6H2JvBno7WcKInEthJ7E4A9lFpN8-pd HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

267 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html Show response
securityaffairs.com/146191/data-breach/ 89 KB
19 KB 170ms
122ms Document
text/html 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4656cc1c3dab161615a47917a6dc821df9bc78d6a242136640cb8d81a4bff172

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7c77db15bf1f3a94-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 02:12:24 GMT
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/146191>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=146191>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUuisTotACbqjEyhQduSNsHXCILXLeX40hoCCIBfhcHmq78IiZWk3M4Ykd%2BT1hPQ8qQTbwzgH5%2FsCvEFfA1nKNfLA5qVOpaHUailSes11lQ3%2FUlJshkps9%2Fz6yp7wBkhoLCN%2BoYBvgLD%2Bva6PweD8Hzh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://securityaffairs.com/xmlrpc.php

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 110ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3faf76cc91fc1abfad38c0103e143ce39e9bcce46fdd0781b5eff34301a73008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47855
x-xss-protection: 0
server: cafe
etag: 2534610857644953265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:24 GMT

GET
H2 200 style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 39ms
30ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 353645
cf-polished: origSize=104503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-19837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fViFBLW1TxzNYgN3VZVMA3%2FTUQKr0YecLtLM4m8HMeQtIIVkX%2FC1NW%2BJAKnnrN3%2FSJzJXrahJrspFHzWoR%2FYHtkscZLG%2F0pnqa3qyzE9CoHJL4eJyLDm%2B70au5J1LbnnFXKmpl5AbuOTOUaJSiYBbOjl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fb93a94-FRA
expires: Wed, 17 May 2023 23:58:19 GMT

GET
H2 200 view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 2 KB
1 KB 38ms
30ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 May 2023 22:37:52 GMT
server: cloudflare
etag: W/"64582840-64a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry%2FwkohGtUgki4ocBD%2FfQNoljIxnCR8qF57JgJ1LsHUCzAnZA5ghvgG6HYKJnqAyv5rsog5SJdmqgm5Juy9KnwU1jkfnTNwe1LQqk6RpLl%2FXWnqVfBKOzWWbtT7w7CqFAovW1t20kyASTQnf0NoC9%2Fit"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fba3a94-FRA
expires: Sun, 21 May 2023 23:21:46 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 11 KB
3 KB 34ms
26ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 409999
etag: W/"5fd15e34-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7jJAwElGEX%2FnVA51t24xfGdSRwfynX%2FHMg9ErwLq3tX8z30J5uh%2FnGfkrreZ5%2FSTY4ivznMZJb7OtbrgXrbJyHvfp8N07cjkERQv4d1T%2BVZBvFXjDTiNXymuE9i3yqTZLUZsw8qSacgsGvKQriSrjqD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fbb3a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 17 May 2023 08:19:05 GMT

GET
H2 200 wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 4 KB
1 KB 35ms
27ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 337458
cf-polished: origSize=4960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: cloudflare
etag: W/"5dcc9728-1360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQJ4OxkyYdNlWJyFJHbHJlN1nqaQ8%2B%2BbFz9hdGhlhUpOP5VL3t7sFyvGNHgtwUG7lLdaoOrbppIlUq72OPgAZouuM6QGs9CH26IUSgbgYWzAKXxjAEKA0yCOOUC5MLEU0tMjregzNk%2BLmiImapklEVBj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fbc3a94-FRA
expires: Thu, 18 May 2023 04:28:06 GMT

GET
H2 200 classic-themes.css
securityaffairs.com/wp-includes/css/ 257 B
537 B 34ms
26ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336701
cf-polished: origSize=729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12fVTbt2OISxQHiqUJLyOqKn0fq9rQDaLSTMIj16NrL7XcogsjBkZtNd1%2FZJXDENpuMDDsaCzY08kgAa0oLHrY5Iki%2BC3S7G8MByPfL33RLoPBz0N1OzlpbCdC2jPk2n4wffcR2x%2BppkBO%2FyRuFv9geA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fbd3a94-FRA
expires: Thu, 18 May 2023 04:40:43 GMT

GET
H2 200 cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
993 B 39ms
32ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.9
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183062
cf-polished: origSize=3106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeCr1vdkZ0DOaeXEibDvZKkeKD38uXDVpSS9r0QFAvw57ftCo92b0O9qg0V%2Fg7DDS9XDxFUbHvhoXWFUt802Zjij9XNVSaorzhAYbNQH1YeuunIzMNl3hoSQ6gdAhSPvYXW7etAdPK%2BpNjMoqFZi8Dok"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fbe3a94-FRA
expires: Fri, 19 May 2023 23:21:22 GMT

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 22 KB
4 KB 36ms
28ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.9
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183062
cf-polished: origSize=27249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-6a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0m8WBbwNDbT3%2FNXLNXQPqhBP0TYqFlbu%2FqnhheNTiwVR9o%2FLxv1GjAdLBDcrfvxqPUYkPVSH%2BkDrBvCe%2B3IW3xtjDcMS18sD7JMa9iQ7%2FmjYUundS4F1qKTn2uaEr6iml4wtt0SlRfEFldaRwtcPNAF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fbf3a94-FRA
expires: Fri, 19 May 2023 23:21:22 GMT

GET
H2 200 custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 15 KB
3 KB 39ms
31ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414568
cf-polished: origSize=19858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: cloudflare
etag: W/"56716d33-4d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcOukMfXL33G0HG1Vf8buroPEoAnsGHq2W1u%2F9Lej2EMDF6RJlSn59Bb2wqHvJ1Q3Zt8ORVLilHF%2FCS%2BCi74gpcwkQ4Taol0qs0j3KFFIJbThyKeWAQXxHtRMu0QisNYQaBAwm1HE93QBmmZFymR%2B7zq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fc03a94-FRA
expires: Wed, 17 May 2023 07:02:56 GMT

GET
H2 200 tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 461 B
571 B 35ms
27ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256206
cf-polished: origSize=539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0faRrVP9vWiVzy0mm8dvK5tuiZbRgTR44F4aN4WtfdknyZHd1Y7dg%2FluHBCVCcIKkDuk6l%2BPFybvpCtbmbfoTgl%2FdsGIe8ucJyVn0J6INUQD%2Bd0ZddaZ0KTeE2KPi6EAwZPu9j8DgS07XWbXZpZdQ5Dt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fc13a94-FRA
expires: Fri, 19 May 2023 03:02:18 GMT

GET
H2 200 flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 5 KB
2 KB 36ms
29ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410682
cf-polished: origSize=6225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: cloudflare
etag: W/"56716d3d-1851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FNJ5pWP1s8zZq5URA%2B0Zjgf%2BtKHTeyVPYUMukW6WPeb0C9t4fYcu7yThvq9A0UvN0PLyk7Hefqg%2BvETl%2Fkj%2BLLxDNm07PlNPKc%2BCxB8xt9D5dh%2BBLa3qJv3xywqkC8SxZFuUPWabb5MzlaU75VKktQX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db168fc23a94-FRA
expires: Wed, 17 May 2023 08:07:42 GMT

GET
H2 200 animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 1 KB
765 B 54ms
46ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305509
cf-polished: origSize=1716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0M24Q0m0lNFi8UvdnR84uVho7yr8i6Jrv2hEeuBHbr8mbftSY1ksaVOOmgV2TRdrcOmNa2REsyp%2B3vjwgs7vX3WDgKLiSfcGc1cv9LOqOt%2BcrN4bvFmw3B4A64a9Sm2S10HWPzryC2iQUXO4ZX2W6nc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afd83a94-FRA
expires: Thu, 18 May 2023 13:20:35 GMT

GET
H2 200 font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 17 KB
4 KB 53ms
45ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 303143
etag: W/"56710b7a-4574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jao%2BJfj3lQr1H1zlDcnOOAIff4YQC3o0SuEgX6DmTfQjdquuWMrJWnV4jUPoSeF405Q5FR2iqaWqjGIMZSSHlt2G%2FvzAKugOi0dkSORUXujG%2B%2BUck9zUN2SyswkRhGb0sB3%2FrSGcNZ2oG3qqFi2dGtAa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afd93a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 18 May 2023 14:00:01 GMT

GET
H2 200 swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 63ms
56ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411651
cf-polished: origSize=4493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: cloudflare
etag: W/"56710b8a-118d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp6qe7UmkBkNxwqr1BEdmO8ff67Lje7TUiMpIYTmK6nk0ec4%2FSSfmJFpWzqZfxlVajhNci1rMetfjq0Z7TjRrh5m2DlklClVFggSNSSoB%2F2587DvBcooKmtl2hj4ghuEtRN2o7Ax4N8pCJMcXn1vkAMu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afdb3a94-FRA
expires: Wed, 17 May 2023 07:51:33 GMT

GET
H2 200 jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 264 B
477 B 54ms
47ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414568
cf-polished: origSize=334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-14e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IxfKSifwEeTGvFgn%2BkP%2F%2BHIK4XGxx7OuB0NDVcVmQmbw4gGBCiokidWrqJyg%2F8HYDIEqoOZxKmKNliUvYWe7v11y%2F8%2FJDQ9ASUjeHsu4CDaQDQ0sQk8aUQ71ZYe8LJXXsHiFQD71UPYqLa%2FFlpMVU45"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afdd3a94-FRA
expires: Wed, 17 May 2023 07:02:56 GMT

GET
H2 200 screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 95 KB
17 KB 55ms
48ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256206
cf-polished: origSize=112708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-1b844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS7S1zWSSXJZK3CRokNidE%2FEzM7zbifdeevPF%2BhqHrs%2Fy3CDDL4RbJBhZr%2Fpz32fYnAaLW2BxnFjkHWSNdnnJUHcl9rUOkvqSxE4nQNB6YD3O2fRHQVeuc5chgHrSAe5MNohzDQmWm49%2Bv3xSU5%2FZQzf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afde3a94-FRA
expires: Fri, 19 May 2023 03:02:18 GMT

GET
H2 200 custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 12 KB
2 KB 393ms
386ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf1Q%2BT96mDWjbUZoLMp9%2FWa6bgwfyfQwTK7WWv7nW%2BTKO5Zgvoi3kOE7Y09P8usc%2FPm1fULXsQi9IuGA9EV1AH9zDtc91fFQ6UHQhfi7keekpAQjew0eJix60c418PIE17ZXZJVU8h9SIyiu1agaxz5Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=UTF-8
cf-ray: 7c77db16afdf3a94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
909 B 95ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 02:10:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
886 B 94ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 01:28:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
681 B 95ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 02:12:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
681 B 103ms
40ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 02:10:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:24 GMT

GET
H2 200 grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 43 KB
7 KB 58ms
53ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 303143
cf-polished: origSize=50674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: cloudflare
etag: W/"56710b7b-c5f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdn%2BxXN46BGiBUJCkXWlEAExQbOiRE%2FPs%2Fy1rVzJVcxXoVybVOplvIi0ERpV4OpT6pnVRn5BXW4w%2BEI3mF0o%2B9GYcZGC4oKhQr52uslPf%2B0doiWhPvZKMxk094iCKdMfFKPdz8Qw8aBYFkB2SHoohi5F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afe13a94-FRA
expires: Thu, 18 May 2023 14:00:01 GMT

GET
H2 200 sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 16 KB
3 KB 53ms
47ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8150
cf-polished: origSize=19408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 May 2023 22:37:52 GMT
server: cloudflare
etag: W/"64582840-4bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZGwIR9Hd1NDb7%2BxEhG2fbjIHNBAyDAry5HX80Jaajy4aKQQB8WTv9voITNjtg52tbFmmJ5UeLllNekn%2Fn9X3BxC0a34NuuPbITrXBU6qMZODdaAkfvEbrcCZ%2F0ZP%2FuLHP4ipwBua9E95R4KvyFK9xGk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afe23a94-FRA
expires: Sun, 21 May 2023 23:56:34 GMT

GET
H2 200 social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 11 KB
8 KB 57ms
51ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8150
cf-polished: origSize=12101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 May 2023 22:37:52 GMT
server: cloudflare
etag: W/"64582840-2f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aja2aPwGtHDidIvLOrMLnKCYwR7WHjFtsSdPUQp1hW%2B8WHOiQg73QwxEFrsfdK%2BLoN5VBsMXTYZuXzcVNwwuf5V9pHaoKr2S2EKHrZjYxtAX0nWIzmvcBRNqu5mAu0W2BmfOwYYKmOd1Fo88A%2F04lnpo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7c77db16afe33a94-FRA
expires: Sun, 21 May 2023 23:56:34 GMT

GET
H2 200 jquery.js Show response
securityaffairs.com/wp-includes/js/jquery/ 142 KB
42 KB 62ms
57ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343706
cf-polished: origSize=292478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-4767e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS9gKibI16Du3iaQMn5IwiT1%2BhsCW0o4e4gCMk3DkYXjpZpYY2%2BER3YxIos5fkL2QhiMWW0VcaFg9Lj9KhZVR5AT4EOZSSe1pPkCpi1IHbgwcopYU9h%2B8REpHLd4S9QUl7qZJ9t03XhqQwGhWndI3t%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db16afe43a94-FRA
expires: Thu, 18 May 2023 02:43:58 GMT

GET
H2 200 jquery-migrate.js Show response
securityaffairs.com/wp-includes/js/jquery/ 18 KB
6 KB 59ms
55ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343707
cf-polished: origSize=30789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-7845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzhgUy2m4ejobz88y7KDJEjCmgD3EExg9JstqmokxCa%2BCTIslvkw0bVIe%2FTaYeoxOtlv1gzwgRXIomHYYdQqQ8I2%2F89YiWHYD2htz26d4YDJslEyLCGiXqlPx19mjSUWvd3c3GPVa08RRFLK5%2BrCVUBx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db16afe53a94-FRA
expires: Thu, 18 May 2023 02:43:57 GMT

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 27 KB
7 KB 58ms
55ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.9
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183062
cf-polished: origSize=34179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-8583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNGt7EFALbbILCajpZGPVvZeoEU%2BBnxBCN59X1RnorLNX%2FhlWvt1E%2F14V5%2FZTtPM0kLu7aPkqdXK%2F9ybnpoTgiQ5unpyUCbmK7YfJmk5b6QEeq209RNiXZ6Rx2yIgZO0fiVPdNern5U1lLnVuwd5hGkB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db16afe63a94-FRA
expires: Fri, 19 May 2023 23:21:22 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 201 KB
45 KB 87ms
27ms Script
text/javascript 13.32.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-51.fra60.r.cloudfront.net

Software

Resource Hash

47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:10:29 GMT
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 115
etag: W/"32234-AoJ3k+MJOOKcahR2z6uk+gkFH+s"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: fvvcAy9PzLAydY89I0qeJzXfWEnrfYRYycgIF6HJSm6dRfZXEDXFcg==

GET
H2 200 SMS_messages.png
i0.wp.com/media.cybernews.com/2023/05/ 14 KB
14 KB 75ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.cybernews.com/2023/05/SMS_messages.png?ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a10c1fbed874f99c4e820832cb75b8007862b7e5e198f403c2685d1ddfe661ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 May 2023 20:48:23 GMT
server: nginx
etag: "cfc60104da81a1af"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.cybernews.com/2023/05/SMS_messages.png>; rel="canonical"
content-length: 13860
expires: Tue, 13 May 2025 08:48:23 GMT

GET
H2 200 Customer_information.png
i0.wp.com/media.cybernews.com/2023/05/ 26 KB
26 KB 112ms
57ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.cybernews.com/2023/05/Customer_information.png?ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a2c43e39b23656d7e7b3aa326bc7758db27364c46ab5983100c09dc554a14a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 May 2023 20:39:24 GMT
server: nginx
etag: "5101112e0018af7f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.cybernews.com/2023/05/Customer_information.png>; rel="canonical"
content-length: 26172
expires: Tue, 13 May 2025 08:39:24 GMT

GET
H2 200 Account_information.png
i0.wp.com/media.cybernews.com/2023/05/ 11 KB
11 KB 113ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.cybernews.com/2023/05/Account_information.png?ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

97765e23068ab7c9753037e78c140941f0214522e0fb6a3fa34db1ece576c0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 May 2023 20:48:23 GMT
server: nginx
etag: "57e2e6ee14b32933"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.cybernews.com/2023/05/Account_information.png>; rel="canonical"
content-length: 11532
expires: Tue, 13 May 2025 08:48:23 GMT

GET
H2 200 Admin_credentials.png
i0.wp.com/media.cybernews.com/2023/05/ 14 KB
14 KB 112ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.cybernews.com/2023/05/Admin_credentials.png?ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

23f3948c589322ebd2d1c502575a1e75104735f70b4d34e72a4dde3b8c24140a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 May 2023 20:48:23 GMT
server: nginx
etag: "f700ad2782558dfb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://media.cybernews.com/2023/05/Admin_credentials.png>; rel="canonical"
content-length: 14648
expires: Tue, 13 May 2025 08:48:23 GMT

GET
H3 200 image-38.png
securityaffairs.com/wp-content/uploads/2023/05/ 301 KB
302 KB 33ms
31ms Image
image/png 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/05/image-38.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3143074096fa0a8f9af6774d858bbcd27d56f3f109139792fb78c89c1643835a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 308679
last-modified: Sun, 14 May 2023 17:20:31 GMT
server: cloudflare
etag: "6461185f-4b5c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMt%2F2XCq%2FH26gkOF32tnSfk%2BlFqtNn%2FsymqYopxu1NCZzLgVDhJkvAYxHE%2F2Te72r2SKHhQkFG%2F5Bps92vSElfI5jGMXK%2FZS%2BxRQcGqMrUHOrJxg6sOHOL71NvtsZWui2lcXsLHjE5HOTWR17GB0uHLd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c77db191b24917d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 capita-plc-logo-vector.png
securityaffairs.com/wp-content/uploads/2023/04/ 4 KB
5 KB 137ms
134ms Image
image/png 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/04/capita-plc-logo-vector.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e18136e493ac58b6bef8dd81e8da7f8d7818948b7698e6e779a39ca9ad80a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41922
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4185
last-modified: Mon, 03 Apr 2023 21:09:30 GMT
server: cloudflare
etag: "642b408a-1059"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BlBkQgtQc7KGd7nl7VUhARGOJfePXp84xrdDcJ2pDcXCBzq%2Fvr0lZPxWkqLpsLIcm7iD%2Bo46Vx00vpK7GqxR%2FosXR6UCIqqnum%2B3CBkYFH2GM4ALYterie9EkVFvwgWbHsEO4yZDDZNsywFh%2F0TWk%2Bk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c77db191b25917d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Toyota-data-breach.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2019/03/ 12 KB
12 KB 112ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2019/03/Toyota-data-breach.jpg?resize=300%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

47b86457b71f1d8348237f945523b7e5f22d08cfedfb058f3b514be2adb11f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 May 2023 20:48:23 GMT
server: nginx
etag: "bbc188751a7ebfdb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2019/03/Toyota-data-breach.jpg>; rel="canonical"
content-length: 12006
expires: Tue, 13 May 2025 08:48:23 GMT

GET
H3 200 email-decode.min.js Show response
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 May 2023 14:15:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645ba6ec-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvRH7BZ487He4iKoBt52StgNuuyYPDk2%2FbES9kc7qsnw%2FZQn1iwObBqWvIBjoqj8nDbU675nVxYA4toL%2FiYjKr%2B2h6GGTIbnpEF4h75wYu%2BGkvYjK62%2BLCRs74Pm0G5NvHv2cezA%2Bi8FTqr2%2BSJzN8aM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c77db176a05917d-FRA
expires: Wed, 17 May 2023 02:12:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 99ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fafd860e40b2dbfa4d5147dfa84c3aa982ccaa56cfe8747d423dffd5ef523fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 02:12:25 GMT

GET
H3 200 photon.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/photon/ 927 B
952 B 28ms
28ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335343
cf-polished: origSize=1760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 May 2023 22:37:52 GMT
server: cloudflare
etag: W/"64582840-6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBXsiUhUol3vSvd15rJZaEHSP42NTpozHPcR0IH0oZ6h3Qo0QJNiGapIM9l3DbtDtu8GTIQJKsCGjjACY10MmBXxZgBsgY3Vhgns2AGdBfj5wlzderWOyAXEf1HibHKVjke41mPrF7Ty18fJISvu5LDi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db17aa32917d-FRA
expires: Thu, 18 May 2023 05:03:21 GMT

GET
H3 200 ssba.js Show response
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 33ms
32ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1682722338
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 175617
cf-polished: origSize=3110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:18 GMT
server: cloudflare
etag: W/"644c4e22-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkTUQs8ivDvJoKjqzXXhCVjjYWUSareqcl%2F13Jao2Wjtw%2FjoCFjw0hH91O7YCppU0OfTC7lb%2F2EnNLERaqaFGqO4WJ4rJfDBab2nGZ2enJAnVH5tB%2B7Q7t67q8FgUcHwrOK2JEkJh452C16rfNgXEPjC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db17da54917d-FRA
expires: Sat, 20 May 2023 01:25:27 GMT

GET
H3 200 hint.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 467 B
782 B 27ms
27ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 573428
cf-polished: origSize=987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-3db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BEvtPbFaP976N3A6oKfYoxE48gPGMVh%2B6XxbJBCT7ZuRfsa7ZWyCGNwp3bi34tXHFU0FE%2BRJEWXO8jjrbNeXcu1HCQ3ZNIFZ3VulXBBAauWCQLLJR1xRJ2Hq9w3btU7lapozghK5MrVe8cEcnZrk0nU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db181a7f917d-FRA
expires: Mon, 15 May 2023 10:55:16 GMT

GET
H3 200 jquery.tipsy.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500285
cf-polished: origSize=4371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH1ltDwwS0ULvMbAGKzZv0W9FrtO81odPgIpFMtOa2QusgpXWrGHfohCcz9jQofsem5%2FfOJXjbqGWcplLWNyVKqku8jkL6HjqFrjHHdKvg5YGhYwhHYG%2F1zXO6G9k4fbvbRlbmPQ%2ByIeoxQWkKxbOvaZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db184a9c917d-FRA
expires: Tue, 16 May 2023 07:14:20 GMT

GET
H3 200 jquery.easing.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 4 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259056
cf-polished: origSize=8097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1fa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmnjVxis0QV22JMmh3U58dsMsr31faH3Dlc%2FkNJSwuOpvdwUihjn7EPxbNTpb6pbEhkvWxbNqzBOKh1Sfh%2B1bY5VDU1VBKOIrF83djbtcMXrdcMpY0mPzLtefCL91QXf%2BaYdQNJI294Mue1lXtKUh6zp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db187aaf917d-FRA
expires: Fri, 19 May 2023 02:14:49 GMT

GET
H3 200 browser.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501297
cf-polished: origSize=2614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-a36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BbohjTF0ILt40LvDAINtpiVieZqmN2F0gDYtyA3Wc2WW5NGXma%2FRrTYdmgn%2BXTiseW%2FLI62lz8onQTpUJ95MWNQCTLCHfn5L1pVJqNge6wUIFT2vkWm%2Bm3GR7qXxBIN%2BbA2gd9mwGBdmGeM4OgQ0HWn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db18aad0917d-FRA
expires: Tue, 16 May 2023 06:57:28 GMT

GET
H3 200 jquery.flexslider-min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 21 KB
7 KB 27ms
27ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 594613
etag: W/"56716d3e-53ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcncBHP%2FJo8jWEs5DTky0p6ry6YubcH%2BlTxP5blJCaYNkc86SSVG3GqiXSRA0jXwUKibR6XOI2Awv0GSyNThq0eJEjGiusTTsHTi9TkhmDExyxFCOUR0Ses5hql4SNXW3ol25Cht4FixiTlc3Q8fxWOY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db18daee917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 15 May 2023 05:02:12 GMT

GET
H3 200 waypoints.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 8 KB
3 KB 30ms
30ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 594613
etag: W/"56710b8a-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZcVhson%2BBzlWCaaYYXcS1MHosITm%2B1vtA2yHtwBZPdVZwD6NL2lo1lEPBeeXvJDKXNDoYG6FtpmuReM9i8ib6OyeNUVrbnxfic1rAaHh8upGX%2BFNkyPazo13BGhBVZ4Ud1F4agzEjgDFnQkmIFNVylF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db18fb0a917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 15 May 2023 05:02:12 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
20 KB 31ms
30ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500285
etag: W/"56716d42-11571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhNPybnj%2F7sSO2dX06WpD%2F71uGx3q84PACXb5oDBHgzj%2BM4kploJYZDbLV2XDafXYCivemWolrEJXv6c8SykG52pn%2F%2Faarnia1ghSL35K3yazSktDcOpi8IvSeBDuciNPBrW1oVb0%2B5zLe2vaUMpzPCf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b1c917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 07:14:20 GMT

GET
H3 200 jquery.swipebox.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 11 KB
4 KB 93ms
90ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335636
etag: W/"56710b89-2a67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkWMLRyI2SNOPqhXrsci3iEYn860RzzNFfHqdaoPZtTjE%2FKwTdc1EjNJsbiMLz7yhJgI1uDAo05bWlgPaBFWrdZRDR38v5mDDeih96SLuPTnpGgQ7XUfovn3Sv1Wro0RGR9tSlbicdLZr6P%2BoC7OUCbd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b1f917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 18 May 2023 04:58:29 GMT

GET
H3 200 jquery.circliful.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 94ms
91ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500285
etag: W/"56710b89-c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT2Qe%2BmqFQbyDLI92rIxFqH9XjFRYN8VQVJJax1N8rxs8ZCMnRkbht2FqL1ddS%2F7rDBdav4fOrT6VM3uSBS8jUawitRqV%2B1K7TT6gUlv5HmVvOoftfJThZCx%2BJ2bCugKXOI0H2RPTce90vzx%2FkIcb085"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b20917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 07:14:20 GMT

GET
H3 200 jquery.smarticker.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 13 KB
4 KB 98ms
95ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500285
etag: W/"56710b89-3225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zma%2FwGfUFyRT7ivzRGs082jwKDhcuVXCFMMcbcyaSCObQ5r938ZoZqcp6wZQGAQuts1aJKhEj3cDVUpvHEOcD0KobB1X35o9I%2BoQgsBavmuQOZ6wwMU4xilfQ5ns9XdByg2E%2BSGaz9sC%2BgrkPwLoLDr%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b21917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 07:14:20 GMT

GET
H3 200 custom.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 10 KB
3 KB 94ms
91ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412042
cf-polished: origSize=12756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-31d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jc90%2B73TTQvox7PFwHaYrTILdLj1LrWHHw7xHTGlUrinpbMV6XvWhLqH5Cm259yxgx55gcqcmeWWNBum39UkCD2hH8LNMsyinAGxBqTDDl4WZoIpAmfXSYpBrltmL4m9ZTEPog%2F8YzPxLoN2J8q6XSLd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b22917d-FRA
expires: Wed, 17 May 2023 07:45:03 GMT

GET
H2 200 e-202320.js Show response
stats.wp.com/ 9 KB
3 KB 80ms
23ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202320.js
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 07 May 2024 13:50:35 GMT

GET
H3 200 sharing.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 12 KB
4 KB 95ms
92ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11017
cf-polished: origSize=18206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 May 2023 22:37:52 GMT
server: cloudflare
etag: W/"64582840-471e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhidCo2IttNZVKZxhNXmxSWaYOW9pNVcJ7v37EoWbBHLMk4qmoJCBhAx62%2FA%2FP4yeR9PvaF%2Fy5gO59S58VEuLepb3Ov58HGIfenmmQFHSG0hwdWx0Jb%2BFxdg7TGMD3P7JNZFYxI0qa245VC5dg6sG4gk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b23917d-FRA
expires: Sun, 21 May 2023 23:08:48 GMT

GET
H3 200 twemoji.js Show response
securityaffairs.com/wp-includes/js/ 17 KB
5 KB 137ms
135ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/twemoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346266
cf-polished: origSize=33089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-8141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akbyAOaKLHh1dNXVd%2BK1YXxEbBYwHj%2B6GvEPt4dJ0fmHr14w4wRgW90e9vscS1N2xNDHGPeYpborP1%2FNALNFsJGt14UySmvtC4N0EARrjscDQHIdDWUjkCDSeZJgTFOzOU1jgnZmKt7l2H4HPcPwjyj0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b26917d-FRA
expires: Thu, 18 May 2023 02:01:19 GMT

GET
H3 200 wp-emoji.js Show response
securityaffairs.com/wp-includes/js/ 4 KB
2 KB 138ms
136ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346266
cf-polished: origSize=8969
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSvM2LnPjXatOjkVtOQrQ%2BGa5qIhhFGIKXqMPaiPQj%2BsQk1H2ZUhaDUmPR%2FM2pXNS1%2FOLJy8p2414DS2CbUkP9O8o524FZOSXqMoabxfPyoOIBC%2FMCjKQIai4y0saiVLmYpINVwOqT%2FDgIO9lOI5ccM1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7c77db191b27917d-FRA
expires: Thu, 18 May 2023 02:01:19 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ 357 KB
120 KB 108ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31074512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de87f0b0914342ed9fb6688a81c09579aa1b2a90b670e4472a64d2b8decda85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122875
x-xss-protection: 0
server: cafe
etag: 3025529897535985630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 809F 10 KB
5 KB 76ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 12:30:21 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 12:30:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63aa5463b92caa0012f81022.js Show response
buttons-config.sharethis.com/js/ 438 B
884 B 77ms
23ms Script
text/javascript 2600:9000:206f:8800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:11:34 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 52
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 438
last-modified: Wed, 28 Dec 2022 04:37:49 GMT
server: AmazonS3
etag: "d0446970cab2a3b08a2f4f8bdf2fbef7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: vTNoSH2IdGYntWaqHzvxAn69swKvygUHWtxhshw4i1svMUvgogDy0w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
41 KB 104ms
47ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77f0d80301b69879c211bf75475a1712ddd3ef8caf1fbd5c9cfd7c42f2426eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42293
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 02:12:25 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 94ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:07:33 GMT
x-content-type-options: nosniff
age: 122692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:07:33 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 76ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 124240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:41:45 GMT

GET
H3 200 fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 48ms
47ms Font
application/font-woff 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5709926
etag: W/"56710b81-ad90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDsd5bYolILVVVkwJqMmZJuvNQuShlG5pt5u434q6r0Lt%2BsmMpaBzrx9BQvLB9fmeSNOb0j%2BcBds3yj2PuOm7xaJYY2fXehxA%2Bnx40XkD8f%2BNAmQDed10h0NZkSXMQgm81BnMKTnbZAjpQfdCHe7jrp7"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=315360000
cf-ray: 7c77db191b2a917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 102ms
49ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:53:33 GMT
x-content-type-options: nosniff
age: 94732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:53:33 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 116ms
63ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 132075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 13:31:10 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 103ms
61ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:22:55 GMT
x-content-type-options: nosniff
age: 204570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 17:22:55 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 105ms
25ms XHR
text/plain 3.66.128.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Personal%20info%20of%2090k%20hikers%20leaked%20by%20French%20tourism%20company%20La%20Malle%20PostaleSecurity%20Affairs&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=La%20Malle%20Postale%2C%20a%20transportation%20company%20serving%20hikers%20on%20popular%20hiking%20trails%20in%20France%2C%20leaked%20personal%20data%20and%20private%20messages%20of%20their%20clients.%20The%20Cybernews%20research%20team%20has%20discovered%20a%20data%20leak%20on%20La%20Malle%20Postale%E2%80%99s%20system%20that%20exposed%20the%20personal%20data%20of%20their%20clients.%20The%20leaked%20information%20included%20names%2C%20phone%20numbers%2C%20emails%2C%20private%20communication%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.128.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-128-19.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 02:12:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 78ms
22ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 15 May 2023 02:12:25 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Mon, 15 May 2023 02:17:25 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 30 KB
30 KB 49ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "90081d39f1874091"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 30524
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 7 KB
7 KB 58ms
55ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "f66b518bba6e1555"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7234
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 19 KB
19 KB 58ms
55ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "d8c02e2ccf1e41bf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 18968
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 13 KB
13 KB 59ms
56ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 00:56:49 GMT
server: nginx
etag: "a583ea31753e6f10"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length: 13098
expires: Thu, 26 Dec 2024 12:56:49 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 29ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=146191&tz=0&srv=securityaffairs.com&j=1%3A12.1&host=securityaffairs.com&ref=&fcp=622&rand=0.3774645024579091
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 May 2023 02:12:25 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
610 B 79ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31074512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841a56292195b629f8507d7fa03bc2c256f8420c1d89ae2c704b5c1f19962380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 85ms
31ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
32ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F116 304 KB
74 KB 513ms
512ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1684116745&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116744874&bpp=256&bdt=164&idt=462&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6680538883783&frm=20&pv=2&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244ce5f472c54baa981bec89cfa631badcb8be4b73360669be1430dd859d3f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:25 GMT
expires: Mon, 15 May 2023 02:12:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e4cff09acb52fa29c9e684d8f068f51c9b1a7bb67cf2a2c6698558a1c3325ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 02:12:25 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 80ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je35a0&_p=393260309&_gaz=1&cid=1890257638.1684116745&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684116745&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&dt=Personal%20info%20of%2090k%20hikers%20leaked%20by%20French%20tourism%20company%20La%20Malle%20PostaleSecurity%20Affairs&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 92ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1890257638.1684116745&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 87ms
34ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1890257638.1684116745&gtm=45je35a0&aip=1&z=898366097

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je35a0&_p=393260309&cid=1890257638.1684116745&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684116745&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&dt=Personal%20info%20of%2090k%20hikers%20leaked%20by%20French%20tourism%20company%20La%20Malle%20PostaleSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 36ms
36ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2f73fcd3c4c75ab646c509f241a57e045a5c07220e92865e38c993611025b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11091
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ 152 KB
51 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/reactive_library_fy2021.js?bust=31074512

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe1c5219cdf642c72c7941dc6d78811e92b999e4b0220fc7224e294897ef8ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52580
x-xss-protection: 0
server: cafe
etag: 12649796618926700084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 33ms
31ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 34ms
32ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4419 86 KB
34 KB 580ms
580ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

706cb8388c4bc3ae2ffc55cfdbe059284cedacf4aaba77d7496ad5cd0d03e905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34914
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6D5 95 KB
34 KB 655ms
655ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f573e98383d19a1d3df3190b7de701ba603198b22ab6f7abf53b8fc5d5a0437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35260
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA9B 84 KB
35 KB 553ms
552ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c85493df8667d75a1b87f716fd86dd562a2a9d96e1459fc732f31dfce6d4e3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35539
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C54 86 KB
34 KB 729ms
727ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26b2f565fbaab9a9c4ae80996779513ccc5962eb26fbd0d055117e569b386fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 834F 19 KB
9 KB 385ms
385ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b6708d71c0dd409e989b70636163a6e603b6c8040754bdc06ce8d03d8c7be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8978
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame B1AE 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame AF5F 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame B1AE 4 KB
671 B 77ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:59:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B1AE 205 B
295 B 136ms
59ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 21:08:25 GMT
x-content-type-options: nosniff
age: 18241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 May 2024 21:08:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B1AE 604 B
920 B 135ms
58ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:35:38 GMT
x-content-type-options: nosniff
age: 9408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 May 2024 23:35:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame B1AE 19 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8020
x-xss-protection: 0
server: cafe
etag: 10981734531507917325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:11:00 GMT

GET
H2 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame AF5F 8 KB
4 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 15:08:35 GMT

GET
H2 200 044a83e5da670341b3efea50f0ca4b53.js Show response
www.gstatic.com/mysidia/ Frame AF5F 18 KB
7 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7569
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 15:32:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AF5F 9 KB
932 B 65ms
34ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:36:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame AF5F 2 KB
846 B 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:21 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame AF5F 6 KB
2 KB 98ms
32ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:42:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame AF5F 22 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame AF5F 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame AF5F 19 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF5F 169 KB
53 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame AF5F 32 KB
13 KB 98ms
32ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D3C 13 KB
5 KB 28ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 16:51:35 GMT
expires: Mon, 13 May 2024 16:51:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11F0 783 B
1 KB 92ms
32ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e74d41f3cd7933ac3b931c07614986971de12990b1098aab6424490a663bef74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SOOJHWwHrqcVZAwWae3G4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-SOOJHWwHrqcVZAwWae3G4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D3C 37 KB
14 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H2 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame FB22 8 KB
4 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 15:08:35 GMT

GET
H2 200 044a83e5da670341b3efea50f0ca4b53.js Show response
www.gstatic.com/mysidia/ Frame FB22 18 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7569
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 15:32:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FB22 9 KB
932 B 33ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:33:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FB22 2 KB
765 B 25ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:21 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame FB22 6 KB
2 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:42:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame FB22 22 KB
9 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FB22 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FB22 19 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB22 169 KB
52 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame FB22 32 KB
13 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQSGkNPSG8tZUtmOXY0Q0ZRdXNkd29kQnF3Qkd3Igl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF5F 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNcyCCZVhZKHAF4vY3gOG2IbYAZb03fxv1_Tkv4MRrJ-D6e8wEAEgu6PgmAFglQKgAfTEkJ8CyAEJqAMByAPLBKoE5wJP0KPRJfVfQ-oqfsgx2BeSlYV5u64-z2mij5VSToOJrWedM4EIuYuiqUhOf_Kwoon0XEAq7I7r6N2TWECzG6e0qdxnzgvtbJc2A7Y2ThNjQVN_0tIe3RAI2LD3L90ZgwOjuRQcS8NlVFDxX8r2sm2UMaYGuazT1yU6KIDkoiwGTvrwmx98i9Lw5wYpOMTIfhl_BlBiQ5qIVD0O23hQyFtkxR0vwQ6cid-sMZFUNvWsoQyJM8nACSvrGClv4hHk1u1PTHZnjk0Da0eTiA2saI34JnS70JuBLZJzWW6-w_WelKPaWSyQILFU4Gv3E0tSDhhbFySMIBTGC9nAIkItRcIJHhsBNJ-HrJ-6xsmuuuz0NZrPCkIFI0LyYr03PJ4wIzaUqIfyu77Eg3Apcopxhk_3y2rsKeU5jaEJSutxNJtsKUpxjSmmX29HaOpn3oDz5RB07cymKDVBWBMtKTZy7XAyos8UE5gMUcAE0NHKu5kEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8Sm8uABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQjocB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=Th11_JgMLo0&uach_m=[UACH]&cid=CAQSGwBygQiDBCqbQfwck9KxiW_LqjFnejAm5FatHxgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 May 2023 02:12:26 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB22 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAABxAMAQKDRADIQAAAGhmhmJAMAQSGkNPRG8tZUtmOXY0Q0ZRdXNkd29kQnF3Qkd3Ihp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB22 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAEEhpDT0RvLWVLZjl2NENGUXVzZHdvZEJxd0JHdyIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75AF 143 B
166 B 21ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 01:51:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB22 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAACJAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAADg_vFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAANDMjGZAMAQSGkNPRG8tZUtmOXY0Q0ZRdXNkd29kQnF3Qkd3Ihp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11F0 0
0 56ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1806537185195917&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEBQhAAAAACBK8kAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAAAANDP7c0AwBBIaQ09Iby1lS2Y5djRDRlF1c2R3b2RCcXdCR3ciCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 834F 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dw9OcVyKjC-MUkWjQoH-W52L00qLUqQ7ZRbxQrH5gdvp1BtdcKRQEVCP0TFBAp6VVqVwySnDe_iLMLuzicQrY-6AsvHfcRlWwXkf51SZEF2GA5upU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 834F 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8981948642411047858&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 834F 78 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 834F 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 834F 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 834F 169 KB
52 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame D5F0 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEDIhAAAAADAz0z8wBAoNEDMhAAAAADAz0z8wBAoNEDQhAAAAADAz0z8wBAoNEDUhAAAAADAz0z8wBAoNEDYhAAAAADAz0z8wBAoNEDchAAAAADAz0z8wBAoNEDghAAAAAJiZ8T8wBAoNEDkhAAAAwMzMNUAwBAoNEDohAAAAAACANkAwBAoNEDshAAAAmJlhc0AwBAoNEDwhAAAAmJlhc0AwBAoNED0hAAAANDN7c0AwBAoNED4hAAAAzMx8c0AwBAoNED8hAAAAzMx8c0AwBAoNEEAhAAAAzMxMdEAwBBIaQ09Iby1lS2Y5djRDRlF1c2R3b2RCcXdCR3ciCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB22 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAUIQAAAADwZfJAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAAGhmRm5AMAQSGkNPRG8tZUtmOXY0Q0ZRdXNkd29kQnF3Qkd3Ihp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4863 624 B
242 B 69ms
68ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjM8_zbATAB&v=APEucNWLpigbh5LUQPo6o97MPYcVdiOKjV6rrZNCUBgss2gRR9nkAj41kGCkc_7sdBpHmn2oR0KrgkXjoHMQ_x8jFiT8mwrZQERLMIy6gYpXwsImuFC6HS3PDDpAEfzQtc9ahWm9O88EQ5mCkFSnjbzniAnU5_0TX7B4cW122YT0ebFZ2aNfkWw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
expires: Mon, 15 May 2023 02:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 9479 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D3C 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OSeOxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4863
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOyeRJMWKZUX7osgVRvuD80&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOyeRJMWKZUX7osgVRvuD80&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjM8_zbATAB&v=APEucNWLpigbh5LUQPo6o97MPYcVdiOKjV6rrZNCUBgss2gRR9nkAj41kGCkc_7sdBpHmn2oR0KrgkXjoHMQ_x8jFiT8mwrZQERLMIy6gYpXwsImuFC6HS3PDDpAEfzQtc9ahWm9O88EQ5mCkFSnjbzniAnU5_0TX7B4cW122YT0ebFZ2aNfkWw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOyeRJMWKZUX7osgVRvuD80&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4863
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJlwVTY-G9fdgAxgkHZwBc&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJlwVTY-G9fdgAxgkHZwBc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjM8_zbATAB&v=APEucNWLpigbh5LUQPo6o97MPYcVdiOKjV6rrZNCUBgss2gRR9nkAj41kGCkc_7sdBpHmn2oR0KrgkXjoHMQ_x8jFiT8mwrZQERLMIy6gYpXwsImuFC6HS3PDDpAEfzQtc9ahWm9O88EQ5mCkFSnjbzniAnU5_0TX7B4cW122YT0ebFZ2aNfkWw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJlwVTY-G9fdgAxgkHZwBc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4863
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELZytDC4aJS0MkPSRb5-Hic&google_cver=1

43 B
1 KB

31ms
29ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELZytDC4aJS0MkPSRb5-Hic&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjM8_zbATAB&v=APEucNWLpigbh5LUQPo6o97MPYcVdiOKjV6rrZNCUBgss2gRR9nkAj41kGCkc_7sdBpHmn2oR0KrgkXjoHMQ_x8jFiT8mwrZQERLMIy6gYpXwsImuFC6HS3PDDpAEfzQtc9ahWm9O88EQ5mCkFSnjbzniAnU5_0TX7B4cW122YT0ebFZ2aNfkWw

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
AN-X-Request-Uuid: d4a4fa56-719e-4e79-b646-b1f4a2f42f79
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELZytDC4aJS0MkPSRb5-Hic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkxODAwOTM2MDEyOTc3Mjk3MA%3D%3D

170 B
243 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkxODAwOTM2MDEyOTc3Mjk3MA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 May 2023 02:12:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2904a344-3124-4a75-8c5f-83e6548d2b6c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkxODAwOTM2MDEyOTc3Mjk3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 3443239006339795155
tpc.googlesyndication.com/simgad/ Frame 4419 116 KB
116 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3443239006339795155?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSHxeJL_t3UR8odSUHx3wCUG_s3Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

381996738de7ccebfb74774a4b0c8b2f23df94977f98a9895bcbbc204cc683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:40:47 GMT
x-content-type-options: nosniff
age: 106299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118857
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 07:11:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 20:40:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 4419 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4419 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4419 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4419 0
0 35ms
35ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR18sk6EegRI71osPepiKXQm9C-uajbn3tpnZPk7sjqPxTryfqRRtowuReD7jD7GYiY_tDUJInjEQSjdxRYk8PKDkpHBg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4419 169 KB
52 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4419 32 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:09:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:09:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 834F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8408814284570&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 834F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8408814284570&version=m202301230201&ct=76&x=1&cor=8981948642411048000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 834F 90 KB
37 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-VItcVlKTSq4MvfZnz1fAUAZlnvT1B7D-Y0ghteqGV3dzwWbsImKz_XbMPHzeqhTr1kk8-SbgKXxZ7PRmpaOCEH2H4wl8oaP_bwuy06VnmFFp9U0&cry=1&dbm_d=AKAmf-B6CPzSvj_gK3vohqGWyeA6ZUcPFIXbLaKdvs6l83ho64F-I8zHDr-TyuU4-wpnvtdrheorxTJRTGH7Y6yCots5Ylmz1DJpwqiWtv946KhspczWwcWiVtnH_Qg5X3oDgjk_AZvNJSRS5gZCqJdB0teMB20iC4U20qgft9-CGTFdgelWLC-xSHIy3A57buLMvvr2X9ndbD0DK_eHPJhpVH5y8rx22THB8Ho8NSdvB_o3OKg5RqgFzsJtzu1Mpjnp_2HMvMMSt6GoJvCaweOkSbXEaR1qa52la6DWCieX3oOV-kbah2tkELBo-1XwrnTKvgf8eEfkma_l-kYWlmsOsfomlAcEWPOkVYVBnOlv5nbYiRYWGYczd-D_5Uzt0tygc56LqjjSFb7CRKEfMpps2Y2M_3L7d5BP3MQlvFP4lS4_YmQy1hwiDVnYvi9DaItuq4irsDiL7kjFwlYw_zIVU-ZD5JhwuTf8GlXaclTW_rTJ_bMcMt5BTQGpRtPuysFf6y8zvWbMTC3X10tImpJUxeqIMBtO3J2gCIBLowydnQ4jm5WgMSSVdd1oztZ6nJG8usZ8gah7tWuyjjWMqNQlFkULPN_2DbhSWAFgoACDU6VBIHdMp_Q5QPijrv668XP-hSjDAATrYZ9ulPbrPCxOU7RbtDFiFklPmPnujP1IYUzzq1QmaZEu0XUmaCWyDGQLD0vc1KKAQMZfD1CThnFmHXQg_Xfz8NPL4IHTt-dnsUcaCJWhsXdcRJayNeLYX1SVIEzTMIfRkd3QXPGebN3tx-A7Fsc8Q5s7ym1SJ30C5RQkBwda-SIOS6O6MXqZ_pdXgbFHGxJquAhaerJ-p69eY4qc2ydzZIxjC1HyqKtIlWX09MLrVktEeOl44-c4UIOqHGSSAad2mGG9cHrmhmWtC1E38pJbvMXBDoFL49_vvRDJmJMBQ5Nr33OVIy29wE6-7VU0qh54X-nr90oL_LZI3GJRKfb5856wBpHAYEH8QKNd4dw3gEmjdSKO0StmnR411POtqlWBllhtDF4BDBZiBs0nbHnN0q9qAycQ7YvQNSdx_PIVxS8cWXzYD4EXU9CRkHPiGaQHGwyFjfXDOt4F-EftnxyhpWFPeYYMtInI9oJ-360kw4Oszs7O-PneGgk91h0pketB1kGuuHxz8D_uJh77JhqmD3dFnJb2teLsrhD6B0ofbxV-ztoZckaOOm639x8Ep4t5GPYexOPGzjx_abvEOwcpJsyOe4D5Aenv_XmuLtHH_FkAT9MUUSRJM0-N33IIhYTzh0aHYUiAr3qopb9QfYy9xdpR7SuYGVnsMu2fU8vO1dLlPzxLzHnPWtdgfu49ymY-E9u3UGpqDwKQ_lM-WK84aaEfyNlM6iwf1k22HGrsqk1wLnZXJ47eD8RxSsZUi78bxTzYuastcS0_2XLhoIcXFQIGwmSFHim4NR6GtjWMG5L9MD-6IzjA4dyJPMdSXGngTPdxCIOfFlDfgm6k8wJd4Ea62gt_99PHPujqeVD7sKaZRZQljWq-DOZkVucgVrn4RxlrxjXj6_Db_FQckqfB4t1WUYNiS2YGMJUndqVWmb7SyLl8dG0OGY_Kn8mdmyPrtOSXlEGrHOnjGAKcwpfwIDSxjzvOTRuEohiJmVSKSI-n7zKqxOuZ2aUC8VpwxTmGwEMTkirQlm2CfN28IXsEwuM000yLGXjeCd4ti2jDy9xMZA8PpGvjxpRfAhm5Ji2oWfqhWqC77acwS3ud9lIicLaZmqkyMTR07xNtmr3QAZwb7j-1OAnWwgYGihDMr2nNZ3Uei1l4CXAk3tg8wNMKIJMr_nXnTDUVuLnv8pox38eeqpRf2hzqv90m91wRuctPzWPaf5raVFn65-m5Grv3NxulfR9hFdy4VAPgJpt_1xGBTp0K1lHbrrusH-2yKRrjyZ4LpfbH3x0KeVo-RyRUips7kb4GQ98aQwsBvMQbyj4OkqhvsHThnxP8Wzhf_0XJlXZuf7W3-SwrlfzM1eJBsH6-nVFgMPHhRbQ5inNHpBBr9IzjmJ9G5r64S4E6xu6ALrNr3qqO4FfPzNWxsKZWoAM3fiD8HLrI8K15K1c1rHceCyCQmA9MyD12bAywKlYJka-eWjf1bIVFiqjDq_pZGzm3G3JAGW0SPVe3id-fhoZM0TyscWAjR04OEbfQwKJLo6QZ4j8UAfyR8LndWJbYk06HSJOjAkCQ1MqQm8t43K5uvbcOU6cXQ4-zPkyG7jzynJAHo20vI5qUjrfZFq-DpKjsTsrO0T_s6MRNmWp8aHI6z9mWL6CjHQHWcwdcu_T9ETYT3ahxpC2WiL9Nt6o4M1Jlm8WU2gbUyFJ5eKizsU-g1FXnIzetwpQYLBMz3XGV7CnFGx8e2w73wQNHY9_HMeI5xCdYU-KSKxW4UCdqclDocZjq265PX9llpV_VFueXWfwBGRpXcDg54lcLc07rDCDiQwQOJZBKPbuQFP3C97VUbipFz_9NB0th1wuOGPdUHhZjDpknK4pUoiXo2A8ifdlTKSnGJjbk-EfYqxtQMYZbB00E1nJfFX6nAYn6JBGANT3b7SJnSCH68Lp_e_oKA9H-Bsxk4loxf1JmxvX2n2BNN0iQ1_FAwXrYtVrLvYDJOPlvhCyt5BYV8HOLtF2MWBma4gaKGhKlvYrSvEIlb1FKDlhHQ4f13MoFshsQFT0yhqIffOtMJifolU4kG0fztaw2BsufBZMEOPpM8Folp9qxc3FPXgLxNf8Q77R1gZc5gcwXy5T7JhwgbHvi4a1N8gA9UbCz6V5BGvVfDGBnQ3TEbSR5pLr-q-QkL1HBSMOSJ0w7dG6JB3HD_JWw-RMDcaHM2uf03IxySRyvF_GU4tICHWH0zOzvrQ9ht4VPIXljQmGm7iuHBy3PTX1HBC2Zsf0BwIMO8tTthUQ_qDQ6fjECoNIFZy8t1co8-DNb4QDADSjZhGHHVYideLzVu0yAhkZBtG_JgBqKQYkwHUKSlZhl7eCDfjRynyuPj2B_65jKd9yZkjcjHJ6ZeAqy4zFF5wEVcfw3t5eRxhUNa04h-DhueyevRs7PT_H-z5RSMfZe7eNtlujlTJn1lB-3tg_YKPkbkyo5bqiVJt9Lkulu0C2oOmDlnOwytqcDJ3q4JBWornQxb3hdxtxY4kGYHV5hPuEr0cMN4-SOJ33azoNYDNsUwUuNzvwojQr3f9IyB7a7FoYOjcdw_O1-J2HGNKB983Oc-Bd7cLZuZsXr0mBRpHhf43CSxa4z-GLtgysWnAG1QPSNtUX28HBHLJcVygZXSQTzfYIaD7q1HpMdD7ZHscMFda2PWi-ouKNzOp6gV-1jSLcDrB54jAwh1doHev-AajlRvC7gLv1dEybAhG8mzNIR448QsMxmxMd0IgbeO1lgrZ55NIXM5MCEHXhF_9mSF4A6m6JCK5SSlysDTFEBo8HAdCBLhmrgXBdqJHGPurCFDZ9gtiP5-bsrsD-zbfg8bRqu9rRDP1iWptmWlWpFI1xXUrXHBN_ahfKpajApjsWqvnoeTYqFWKDhIzQ3gVSA-Qa3j71FFFgXJyIBydrUJWwJY3eUjoJoa-JZyMS7hkqoW1tVh1CW0fHXVcGDTlqUglZVjetYbxpwokr3J6U4MzkzHaQPyzvefuQj9Fk04eImX0_T8L1pgu5fu1T4XB21CuVW6UNJ0n0GIK3ZcEFxkAoMSyTXDBZyKHl0mh3iFwKDImL2TVQIv6XlTr3H770alA&cid=CAQSPABygQiDhXk95LyaEZxhdZDd-VqixNzelna-F09wTb5q_SyR-iv-_2xqYQnjAwo2rk95CS1Ep7WSqxjmjRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsecurityaffairs.com%2F&ds=l&xdt=1&iif=1&cor=8981948642411048000&adk=3047537735&idt=63&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82a35a97cc337fa829a105ef16ec2eac8cb521b75b328e7123ddf0322226ce23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7470690496156294274
tpc.googlesyndication.com/simgad/ Frame CA9B 106 KB
107 KB 37ms
37ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7470690496156294274?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkmepWygvzRnpqy1x5m36DZ3X2Vow

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4195b28781e325b0e1b8cd5520fc94b295a0fb710bfa2ecffa575087733e875b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 22:27:45 GMT
x-content-type-options: nosniff
age: 186281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109048
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 07:04:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 22:27:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame CA9B 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CA9B 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CA9B 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA9B 169 KB
52 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CA9B 32 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:09:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:09:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4419 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cev3mCpVhZJFOjPzfA9-_mMgFtc_lu3Dyq5OvyxHUhLv7mgIQASC7o-CYAWCV0p-CsAegAZyv-6gCyAECqAMByAPJBKoE5QJP0BmWVKmsiFsCxIm4LzD3kFdpeNfpQkGX4O4-ZW6mAq5BCEQ4Od9ndIV4Lz50JF-MraS8Zh_waDzzTqYsZ9mwjP04nhvrgKVUZD8f-hWZAQ6A9HBFe2qHMl7tAPqQkxCUWi681ImGMqlm1cxYDPu7UHtG3TXEvTz_wnSmaab3CeJV8P3NCR4GF1RQ-KO5nh6QaOBgotB2ZRw45y_fJZMxFdgCN686tU8HntbRaYMzF8LoEQ03yduTybMcX4UOLZRys1NUuaUiOo_GpXV9SkJ-vqkz5tnfytiSIIPPD-3psrTylhhqrTs9VdI-62h18I1mtXWLbiq5rycCtLUvqgZ9cysYgthGPDznn3Zb_-3d01P9Jfx7Xmp9I1-90L2VRcmTMbgB-a7EKJu4jjtahONIRddmsp1flAQxiwWK-sxI9bVSDHigxjsxCD89rkByuxlg4vxy2j47Wfn3GGRdDZFMKmWFCI_ABK7Nr762BJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMDUH9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDkxODA3MjA1NzE4MTc5NBgA&sigh=PPq-nP3cO-Q&uach_m=[UACH]&cid=CAQSPABygQiDjcDI8BLcoy7rpAkVFwUDyEpQJmMaMCezfnrHz7RYVy6Et4a_E9xIeg52xrQ-NuY1DyPx8k2nSxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CA9B 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfl3gCpVhZLvGAoTY3gPnoZWQD8v_0oNwrYiT85ARj_SQ49cCEAEgu6PgmAFgldKfgrAHoAHEu9-_AsgBAqkCuEm_tTNnsj6oAwHIA8kEqgTeAk_Q2Sxcuxt0jtxKk9yydtnuPSdXpJbJ1dT59baKrA9TfOpOzPpuaqMlELlWD8CLyQSjSjo_U-gn1HMh-zA7M70F6KWbMwLC6de7iuXYLNkGWyDL5ednIKf_KbSFFMG_jz5yaVGb2gnW13hxiSzR-bbSYS-Pxs0uH6F1qlRTP4wJUCH0YhHr4xxROoxSI8b-Qq6VIFJG47rCSfaBIDhWnjQhKac4BWjzfGrHwGop6e7Mak1bile-e5_v0XRaKMVuRhnjkdXho_DYiO-UbbA3bYUbDNtf526mmGog0Y3jq-W3V3P1lzvC-2VpAlsweDb4nFHwzTcOEz2_dQ8nrBtPRkIssWvgLTFew9R1_BWjYJNipqu_n7EdVYG7YYLqHEksPiwerX7UvRnRpcfsxGnGiRMzNpBkAJY8tD8Y3L-OukvC1ehYeY3_pefLwKe0NjuEfV2wdunsRqqoagwG0WwqwASPqILfoQSgBgKAB6TEoMABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmoEJ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=0vwQncPAfKM&uach_m=[UACH]&cid=CAQSPABygQiDIFgsWiuCKDoQ_pnIIO8eGeGHaU9QBplzmDMGYWjkRhL1aN2yckJ3mylvQi0QWAojZl12N-DJ_xgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E6D5 6 KB
706 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E6D5 2 KB
765 B 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame E6D5 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E6D5 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E6D5 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6D5 0
0 30ms
29ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy4-N8PjdtHOng4pV4S8zBeLy0vSKYL1EVx7bx5HLDB8dqEv6zK67pfFfg_N9BWbbE_nWkLR9MgbPfNEGx7rEK0nqTWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6D5 169 KB
52 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame E6D5 32 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:34:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6D5 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf7fyCpVhZLi1Aoju3wOX86XYBbKki9JeoL_y5t0LnriItoMDEAEgu6PgmAFgldKfgrAHoAHRpLb_A8gBCakCuEm_tTNnsj6oAwHIA8sEqgTjAk_Q-Jb_4afIu23olNQDJQIOI6reO0suGGm-OjXA4LjgAXg1KVsnH97sQ4vWQUw7oZFJkhbgZ8_d7Un2Gc8yqZS3GwZQxjRYHiTB31VG8dCM80SMjpu7iheR41ggXf4FUoUoJVjeBMU5nUMsLE743F2wnpU2Y3pfWf-oktHOuQZrnFf8byogB07dPbbcPbMDCp-J8VIg-UB8dYzYeVGLUaMzjh-o5OTTw0GS41mJVSWvaMtXySYewlHoBN0Jay-djfLOqT5yhop7GG4ogw8oKgCMJpLdz5sLhr88rhgkUA07yvbYgtwnsxoUm5eDJJqWBrwfNDEyZfeiNWm4ee1wgd-x6ook0YlvZ2xfOnByha8T8DCjA7XHauo0hEjJTEeCGUuyphzzZCH4gav1svpoCkc2cT90dyDq7Zt0IM2prbCD5Qht137wjT2AH5WMX3bvR_BbfNkwc-7SdWfuRfEPEZa4y9DABK2gl5CJA5IFBAgEGAGSBQQIBRgEoAYugAeX20moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDt0B3SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=hsTecHRUvEY&uach_m=[UACH]&cid=CAQSPABygQiDoEmN0SSJXPlcNn4b3-LKfxLNkSZBNlsjY8Qz4CVt6n2HJoJqxW9ob0d35CBObbc3AKVVftNKZRgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 834F 170 KB
59 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 834F 11 KB
4 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-VItcVlKTSq4MvfZnz1fAUAZlnvT1B7D-Y0ghteqGV3dzwWbsImKz_XbMPHzeqhTr1kk8-SbgKXxZ7PRmpaOCEH2H4wl8oaP_bwuy06VnmFFp9U0&cry=1&dbm_d=AKAmf-B6CPzSvj_gK3vohqGWyeA6ZUcPFIXbLaKdvs6l83ho64F-I8zHDr-TyuU4-wpnvtdrheorxTJRTGH7Y6yCots5Ylmz1DJpwqiWtv946KhspczWwcWiVtnH_Qg5X3oDgjk_AZvNJSRS5gZCqJdB0teMB20iC4U20qgft9-CGTFdgelWLC-xSHIy3A57buLMvvr2X9ndbD0DK_eHPJhpVH5y8rx22THB8Ho8NSdvB_o3OKg5RqgFzsJtzu1Mpjnp_2HMvMMSt6GoJvCaweOkSbXEaR1qa52la6DWCieX3oOV-kbah2tkELBo-1XwrnTKvgf8eEfkma_l-kYWlmsOsfomlAcEWPOkVYVBnOlv5nbYiRYWGYczd-D_5Uzt0tygc56LqjjSFb7CRKEfMpps2Y2M_3L7d5BP3MQlvFP4lS4_YmQy1hwiDVnYvi9DaItuq4irsDiL7kjFwlYw_zIVU-ZD5JhwuTf8GlXaclTW_rTJ_bMcMt5BTQGpRtPuysFf6y8zvWbMTC3X10tImpJUxeqIMBtO3J2gCIBLowydnQ4jm5WgMSSVdd1oztZ6nJG8usZ8gah7tWuyjjWMqNQlFkULPN_2DbhSWAFgoACDU6VBIHdMp_Q5QPijrv668XP-hSjDAATrYZ9ulPbrPCxOU7RbtDFiFklPmPnujP1IYUzzq1QmaZEu0XUmaCWyDGQLD0vc1KKAQMZfD1CThnFmHXQg_Xfz8NPL4IHTt-dnsUcaCJWhsXdcRJayNeLYX1SVIEzTMIfRkd3QXPGebN3tx-A7Fsc8Q5s7ym1SJ30C5RQkBwda-SIOS6O6MXqZ_pdXgbFHGxJquAhaerJ-p69eY4qc2ydzZIxjC1HyqKtIlWX09MLrVktEeOl44-c4UIOqHGSSAad2mGG9cHrmhmWtC1E38pJbvMXBDoFL49_vvRDJmJMBQ5Nr33OVIy29wE6-7VU0qh54X-nr90oL_LZI3GJRKfb5856wBpHAYEH8QKNd4dw3gEmjdSKO0StmnR411POtqlWBllhtDF4BDBZiBs0nbHnN0q9qAycQ7YvQNSdx_PIVxS8cWXzYD4EXU9CRkHPiGaQHGwyFjfXDOt4F-EftnxyhpWFPeYYMtInI9oJ-360kw4Oszs7O-PneGgk91h0pketB1kGuuHxz8D_uJh77JhqmD3dFnJb2teLsrhD6B0ofbxV-ztoZckaOOm639x8Ep4t5GPYexOPGzjx_abvEOwcpJsyOe4D5Aenv_XmuLtHH_FkAT9MUUSRJM0-N33IIhYTzh0aHYUiAr3qopb9QfYy9xdpR7SuYGVnsMu2fU8vO1dLlPzxLzHnPWtdgfu49ymY-E9u3UGpqDwKQ_lM-WK84aaEfyNlM6iwf1k22HGrsqk1wLnZXJ47eD8RxSsZUi78bxTzYuastcS0_2XLhoIcXFQIGwmSFHim4NR6GtjWMG5L9MD-6IzjA4dyJPMdSXGngTPdxCIOfFlDfgm6k8wJd4Ea62gt_99PHPujqeVD7sKaZRZQljWq-DOZkVucgVrn4RxlrxjXj6_Db_FQckqfB4t1WUYNiS2YGMJUndqVWmb7SyLl8dG0OGY_Kn8mdmyPrtOSXlEGrHOnjGAKcwpfwIDSxjzvOTRuEohiJmVSKSI-n7zKqxOuZ2aUC8VpwxTmGwEMTkirQlm2CfN28IXsEwuM000yLGXjeCd4ti2jDy9xMZA8PpGvjxpRfAhm5Ji2oWfqhWqC77acwS3ud9lIicLaZmqkyMTR07xNtmr3QAZwb7j-1OAnWwgYGihDMr2nNZ3Uei1l4CXAk3tg8wNMKIJMr_nXnTDUVuLnv8pox38eeqpRf2hzqv90m91wRuctPzWPaf5raVFn65-m5Grv3NxulfR9hFdy4VAPgJpt_1xGBTp0K1lHbrrusH-2yKRrjyZ4LpfbH3x0KeVo-RyRUips7kb4GQ98aQwsBvMQbyj4OkqhvsHThnxP8Wzhf_0XJlXZuf7W3-SwrlfzM1eJBsH6-nVFgMPHhRbQ5inNHpBBr9IzjmJ9G5r64S4E6xu6ALrNr3qqO4FfPzNWxsKZWoAM3fiD8HLrI8K15K1c1rHceCyCQmA9MyD12bAywKlYJka-eWjf1bIVFiqjDq_pZGzm3G3JAGW0SPVe3id-fhoZM0TyscWAjR04OEbfQwKJLo6QZ4j8UAfyR8LndWJbYk06HSJOjAkCQ1MqQm8t43K5uvbcOU6cXQ4-zPkyG7jzynJAHo20vI5qUjrfZFq-DpKjsTsrO0T_s6MRNmWp8aHI6z9mWL6CjHQHWcwdcu_T9ETYT3ahxpC2WiL9Nt6o4M1Jlm8WU2gbUyFJ5eKizsU-g1FXnIzetwpQYLBMz3XGV7CnFGx8e2w73wQNHY9_HMeI5xCdYU-KSKxW4UCdqclDocZjq265PX9llpV_VFueXWfwBGRpXcDg54lcLc07rDCDiQwQOJZBKPbuQFP3C97VUbipFz_9NB0th1wuOGPdUHhZjDpknK4pUoiXo2A8ifdlTKSnGJjbk-EfYqxtQMYZbB00E1nJfFX6nAYn6JBGANT3b7SJnSCH68Lp_e_oKA9H-Bsxk4loxf1JmxvX2n2BNN0iQ1_FAwXrYtVrLvYDJOPlvhCyt5BYV8HOLtF2MWBma4gaKGhKlvYrSvEIlb1FKDlhHQ4f13MoFshsQFT0yhqIffOtMJifolU4kG0fztaw2BsufBZMEOPpM8Folp9qxc3FPXgLxNf8Q77R1gZc5gcwXy5T7JhwgbHvi4a1N8gA9UbCz6V5BGvVfDGBnQ3TEbSR5pLr-q-QkL1HBSMOSJ0w7dG6JB3HD_JWw-RMDcaHM2uf03IxySRyvF_GU4tICHWH0zOzvrQ9ht4VPIXljQmGm7iuHBy3PTX1HBC2Zsf0BwIMO8tTthUQ_qDQ6fjECoNIFZy8t1co8-DNb4QDADSjZhGHHVYideLzVu0yAhkZBtG_JgBqKQYkwHUKSlZhl7eCDfjRynyuPj2B_65jKd9yZkjcjHJ6ZeAqy4zFF5wEVcfw3t5eRxhUNa04h-DhueyevRs7PT_H-z5RSMfZe7eNtlujlTJn1lB-3tg_YKPkbkyo5bqiVJt9Lkulu0C2oOmDlnOwytqcDJ3q4JBWornQxb3hdxtxY4kGYHV5hPuEr0cMN4-SOJ33azoNYDNsUwUuNzvwojQr3f9IyB7a7FoYOjcdw_O1-J2HGNKB983Oc-Bd7cLZuZsXr0mBRpHhf43CSxa4z-GLtgysWnAG1QPSNtUX28HBHLJcVygZXSQTzfYIaD7q1HpMdD7ZHscMFda2PWi-ouKNzOp6gV-1jSLcDrB54jAwh1doHev-AajlRvC7gLv1dEybAhG8mzNIR448QsMxmxMd0IgbeO1lgrZ55NIXM5MCEHXhF_9mSF4A6m6JCK5SSlysDTFEBo8HAdCBLhmrgXBdqJHGPurCFDZ9gtiP5-bsrsD-zbfg8bRqu9rRDP1iWptmWlWpFI1xXUrXHBN_ahfKpajApjsWqvnoeTYqFWKDhIzQ3gVSA-Qa3j71FFFgXJyIBydrUJWwJY3eUjoJoa-JZyMS7hkqoW1tVh1CW0fHXVcGDTlqUglZVjetYbxpwokr3J6U4MzkzHaQPyzvefuQj9Fk04eImX0_T8L1pgu5fu1T4XB21CuVW6UNJ0n0GIK3ZcEFxkAoMSyTXDBZyKHl0mh3iFwKDImL2TVQIv6XlTr3H770alA&cid=CAQSPABygQiDhXk95LyaEZxhdZDd-VqixNzelna-F09wTb5q_SyR-iv-_2xqYQnjAwo2rk95CS1Ep7WSqxjmjRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsecurityaffairs.com%2F&ds=l&xdt=1&iif=1&cor=8981948642411048000&adk=3047537735&idt=63&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:09:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 834F 28 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10883
x-xss-protection: 0
server: cafe
etag: 6886435266232968791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:13:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2024 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 01:51:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8936 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Mon, 15 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E054 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 01:51:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C52 1 KB
643 B 25ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Mon, 15 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4419 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2a972f003e9e2afb728ffa2397a67c434aabcbafb20f209d6dc03a7560cd99b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18082324330070141350/ Frame E6D5 54 KB
54 KB 26ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18082324330070141350/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f2434eb42d6beb733fe20be30ad702ab4e020cd2a0606c6e7cf9c0ad342c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 12:23:10 GMT
x-content-type-options: nosniff
age: 395356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54987
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:58:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 May 2024 12:23:10 GMT

GET
H3 200 3443239006339795155
tpc.googlesyndication.com/simgad/ Frame 9C54 116 KB
116 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3443239006339795155?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSHxeJL_t3UR8odSUHx3wCUG_s3Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

381996738de7ccebfb74774a4b0c8b2f23df94977f98a9895bcbbc204cc683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:40:47 GMT
x-content-type-options: nosniff
age: 106299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118857
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 07:11:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 20:40:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 9C54 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9C54 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 16:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9C54 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:04:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9C54 0
0 30ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfCOwKmhpAYc2ht3mcWDhxUq6AQDvxrrxDn-nU3_n1m9ANMnVBDBObFJkWHjL0GzkGa7Kmd8gUAn6-o1ijiimSV4sjDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C54 169 KB
52 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9C54 32 KB
13 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:09:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:09:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C54 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuMNdCpVhZNG_A8fb3wPtrr3QCbXP5btw8quTr8sR1IS7-5oCEAEgu6PgmAFgldKfgrAHoAGcr_uoAsgBAqgDAcgDyQSqBN8CT9B5gtLnrJ1iUU7aX4rDdo7Ul3_vIHJ40BUVv0AvKV_k4mnwU1ImxIOAapUhVCU96eMv6EhuIc9-tJWWRtUl50sYWGNZJe6-IgS_EiNiW3fBy64lpyFBZbbtViZmzCKMzDeJW-td7TrpXjD_E-1f3sji-cVnMZt2tdVjZBxbzXVw9fCBxHRwq51uMNywa_i6mYj97GBlMb_YJDA8YKtDQTQvjhVMObeuN8oOU7b9PAEpHB-MYqOp9QTD5w5utP9sqkcrtms4omylSJPrN3Vn9mESeHNHARfbUrT3jLzvmnHXSzjfXieomnlxtj47_BGa8oB3vZ1gL-URDnXcmbKXPZ1SCOqYG60fJtLchE2-jzubN-sBbLobDgl7Gvds6AvmWou_UhoCq3lfMVbwsVAjpQC72Wxbut7G5ATNyHt53Uuip7CahXEpZ9W0DImxz5sk7LecYPOgizsj8WZ2kZ83wASuza--tgSSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCqhgzSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ5MTgwNzIwNTcxODE3OTQYAA&sigh=roTfF-kB85M&uach_m=[UACH]&cid=CAQSPABygQiDyWehnfZDDlSHyP8THEBao0Py35Gx96I_9AejccCJMadK7cJxhJxkydoEXm2OsnlsayIozZ1OuhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CA9B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5dd6333f86324638910a2cad9120047b1df2c271269f064cd05e1d0e2878070

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9644 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Mon, 15 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E6D5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b9af3f7c0cf9a8df13c083582c740e1fa50fd10e00aff1940f51572edd9fbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8936 35 B
463 B 75ms
22ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEGNZS07IGwy28vNcBFaSfM&google_cver=1&google_push=ATf1kGP_pis3VdQ3W280YEyilv621bRHuT5pmZ6gRlxmCzZQuWl-KykE_HRTnrXZu4FzXjnUj8fC7U-vAjSNWMxNN56Jl5m1vlYh8og

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8936 0
104 B 175ms
73ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAavYS2b0HP9Gzi_Bm88lj4&google_cver=1&google_push=ATf1kGN2OAos6rCClCLYFsnW5dCzNon112AEcdorZfu3jqpYpXSdP3HooPzJig1nPiOWwqFClBbqcb00jYiW0ZolbDbyITUuWundFa8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.11~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116745&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=2&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0&nras=2&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HZyRe48W6i&p=https%3A//securityaffairs.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8936
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwL...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTd...

43 B
418 B

201ms
184ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db263e61bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 174
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENlrfVWFqSjB2o53832yPZg&google_cver=1&google_push=ATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM08TCj94mNRoiqkOg-hh9mf3yXGyrXfWsdP8-gFwLinCtYHVErOKCt8gqmEmVmx3-2Bnl3bVylSXA_ticA3IAnCSuoeTdwLMo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db248cf1bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8936
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMa89NU_kyE8gQBugrFTro8&google_push=ATf1kGP6NPwxkwmLJrn9qE0VUVGujSpVZGQM4fbnIxzHCqhXWhdVIG47Jd...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMa89NU_kyE8gQBugrFTro8&google_push=ATf1kGP6NPwxkwmLJrn9qE0VUVGujSpVZGQM4fbnIxzHCqhXWhdVIG47JdptkRlXzmmh3XIsAclGDFAqIbYeXpuRniAa77d2KbIkwIQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684116747.973960,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMa89NU_kyE8gQBugrFTro8&google_push=ATf1kGP6NPwxkwmLJrn9qE0VUVGujSpVZGQM4fbnIxzHCqhXWhdVIG47JdptkRlXzmmh3XIsAclGDFAqIbYeXpuRniAa77d2KbIkwIQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8936
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPssCL3mQVd0-2M9xHdCWts&google_cver=1&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fE1thlSQR4e9hU7WygO6lA2&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y0u6zDZ3u8n2mkbM

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fE1thlSQR4e9hU7WygO6lA2&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y0u6zDZ3u8n2mkbM

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fE1thlSQR4e9hU7WygO6lA2&google_push=ATf1kGMHzVzAtxpQWEvh0GKVTZaynrU1XMSBKQ3YnLnnWzacav7tgQsyunafXhkhvYBAe2Ji280CeD_ERd_4Xn7y0u6zDZ3u8n2mkbM
x-host: tde-deliveryengine-production-68bf66644b-xcrw7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8936
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOi_2jQDKKQa25iKs64GH1o&google_cver=1&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOi_2jQDKKQa25iKs64GH1o&google_cver=1&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MDk2OTQ0MDY2OTY5MTAzMQ&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZ...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MDk2OTQ0MDY2OTY5MTAzMQ&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd70BxgIf3hNQXeTEwdvUsbVTc

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MDk2OTQ0MDY2OTY5MTAzMQ&google_push=ATf1kGM1LBVSGiBdT1ywM6E2yng2PaMOGKYhYvRpE5vMvw-V7_LiqXc0KUi1YgSOYQeClGkIYPMWYZd70BxgIf3hNQXeTEwdvUsbVTc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8936
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAACHYAAAIB&google_nid=index&google_push=ATf1kGONG2KSpaLzJgxwM22o_DkI6SCB9e0Kb...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAACHYAAAIB&google_nid=index&google_push=ATf1kGONG2KSpaLzJgxwM22o_DkI6SCB9e0KbRfYD_DdK2EwPU2Rr2jsQ3EABZxZEXz6vSKeKg9wIUscnVvOmcy_RYwAfgk1bgtZjA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPoZ4bggy43mGxQ4D20m62M&google_hm=ZGGVCnUeoK9q0bM0EhU4KgAACHYAAAIB&google_nid=index&google_push=ATf1kGONG2KSpaLzJgxwM22o_DkI6SCB9e0KbRfYD_DdK2EwPU2Rr2jsQ3EABZxZEXz6vSKeKg9wIUscnVvOmcy_RYwAfgk1bgtZjA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8936 0
12 B 29ms
28ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOF1Ezfz3tWQq-MESs9TRPLUwnUYPde1hOmWcQhYv3XNA2wzmpfVKcKBd0tDwxhnnub-bC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E6D5 15 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 119291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E6D5 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 125253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:24:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E6D5 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 259569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 02:06:17 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6C52
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFf_b5vNsTtcamyl3dma40o&google_cver=1&google_push=ATf1kGPMbU09AxqhHdfZDrl_NmoJrtgdL4ZXYhvuDLATTUQXjXLboqcZ3HEOIS4fQ6kXH6jVahI1gVhNC7XqNsgFJHnukx6x-PhZtQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyOTY0NDU0MjE3OTMxNjA3NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1

43 B
398 B

49ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C52
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEF2fvSce_XoDzHdLqQp-bA0&google_cver=1&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf3VNSc07UDUKz_Mtg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf3VNSc07UDUKz_Mtg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGMwdzqiiap1huKhN5yW9Hk8xCxpeLRdBqKTVJauEz6RluF-qt-R-Jw6nrPaUwwkiYkFsPH6JCXN_gbS4Cf3VNSc07UDUKz_Mtg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 May 2023 02:12:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C52
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOgU_kcLZHnNIJpZT6EoRWs&google_cver=1&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMzIyNjM0NjczMjA1ODc2NA%3D%3D&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv83vp...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMzIyNjM0NjczMjA1ODc2NA%3D%3D&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv83vppjXbXjvGOJwA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMzIyNjM0NjczMjA1ODc2NA%3D%3D&google_push=ATf1kGMyvsxIQWm4_oE7KZ26KN3erKFZhq9D5u8j7NBACRbPZ_3H4zRYs6HgOn-mFGiXJ7EtlADWbi2huPmajv83vppjXbXjvGOJwA
Date: Mon, 15 May 2023 02:12:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C52
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELqGD2Gb4FAIHYQTx-YfzjE&google_cver=1&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00YxXYgYicpTgkxA

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00YxXYgYicpTgkxA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGNWVEDMhg3LzTdSABMfmt_BtWBA6tGMaPeqCacb1EnY_YpTN58yC_ZKqrtgzjkfvC09YDMrqHWWgC_yRw00YxXYgYicpTgkxA
x-host: tde-deliveryengine-production-68bf66644b-jdtrm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6C52 42 B
213 B 106ms
33ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIAEa9zcP7OoHmKsE3Xy-fo&google_push=ATf1kGOsbgP4enGYqbrgcILHSwR3VPxK5Ogvwqu63mIVAJUo3NGncvAHpi6dhBEGbYzeP2sbxXMcjzbLZ4zRg1FVvRGfS8ye-S9Rkw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6C52 43 B
245 B 78ms
28ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEKczW5iPZZioIJilLJDvQ8&google_cver=1&google_push=ATf1kGMg8GLfh_MB-sY2nszlOiK9EpVvNkvli77bi1Azxfoy4g81WQw7YctrC4G_nChV6_OPqJRTlXoQZxBfI4QXs89Qer4ljSM7GYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

report
sync.teads.tv/um/ Frame 6C52
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK0rKfmtvILw6ppbOE9XTro&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPSfRfFk6DjIC1nksNAQk85GBL5BtJlj5NtXwDPVEnABcw-eGZyRh2ymbOlmmNCfupHbe54l3zM-FuH36Dmsm8TyeMs-2v--n_E
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

53ms
53ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Mon, 15 May 2023 02:12:27 GMT
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C52 0
12 B 29ms
28ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAH2BgL3Sm2NDZG2Xm9r205l5VDGAW2q-uDhWv7bxxA8m6ntnXZCQvYnAJbf39p-OEgkIQJg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50F1 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 01:51:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CF4 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Mon, 15 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 834F 41 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 19:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 May 2024 19:31:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D82 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Mon, 15 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2024
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
expires: Mon, 15 May 2023 02:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame C829 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E054
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
expires: Mon, 15 May 2023 02:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EC6 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1259&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZHIQnRx4Mt&p=https%3A//securityaffairs.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
DATA 200
OK truncated
/ Frame 9C54 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e55fc3be6ae498157f7c2962e7b5f8e074a4bf1103a01a44508134ec4a976f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 834F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe96df10bbc5803df929f18888b2f9973b1cf26727ffa59b81bbeaaab1a32971

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/17236408239449440256/ Frame 63E6 47 KB
12 KB 80ms
32ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abd54f05f703b03c98279e65aeff2c8a876f4854059debbc9c95c106e218bac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
expires: Tue, 14 May 2024 02:12:27 GMT
last-modified: Wed, 15 Feb 2023 15:45:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 834F 0
0 133ms
68ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujvHmbX56DlTbUFc1sih77cDRZOLlPJfAbb2q7m7JHzurO6VPlfjDAgNAh5_2Tkej1TZt2ZHwTjcCIshiRK51BMDGU6eaTHaVUM72EfuWPvTmBFE3TXbWLXss2kMxl3s4-QSSHLwgY5nxJ3C3iJ3RsXVq2dUBy50OspvVXh2J9m3AIBiejCE8ACzYI_9pNBEUKt0RMkRQkhxoNdf4pO9PgCRl1r1-BDcvalRTka3_VcL0XnLcCL6mYmkDrCGvnG-HZR9i9_qzMBr8AJRpzLu5is2gjQZjg9ufF-0uDz4UTfkMZPiaEQKjAehpku_E_ChPwhJMkVCUpXQ_vSWZrcqjbPVJK5jDD1kX8Kbb-qo0-YpGisK5lx70f8DEJmeO4yLULC401u8wkXOC8ldkX4TNPln-9BQnA-RN6nw7dT36imGZ7OyUJZen3PQwNPcc-Y2Z579eXqSk3Y4_kZJCvJZcFQwNHeNB3yn8e-H8D-jKmeDVaYW8ug4nKMSBjyGO4EtahrJJ_ismAWyNEGhGkrPDW7tIzkg7G-16MlQxBtIkvhPE0hdDEk1zMMc-mZzFg7aXya8zC90wCQMzowOFW3Zmg0AQVZKAgDFNc8xyoqr28RKaWcYxn0WLLu0ZHjI9eje0KJ_z15cf5f5gL-qXAxnSYBZLUr6JjaBRB4w7We_ksciJHN3mFVWMTCF8OIUeIaDZ8tkjKhgQcDXsIjYFYvoDlt11XFbYYeq1zdz5GtCDn7OO6eJzTZaRwhBOXlhRrXyxgvDN--o8GrQP9EjKVTv8Vrh5ZOxALiXWExzXrNuH9VFAYttOFryVfg9SG4Tc4LMoZVADNXY0nYSxNegpZC6GJI9G4-d89MtzjCPdQq0nGRr5cPTu4bZy1t6cYLn7PcPPQyzdW2ipX4MqL_5yP9ATLCfQdsVA3MTE1QphljVvxiqxjGVONiMpeCUeTQRcbfyA71EVid5mjuhffJZ00_hIwqL5Z5qdcM0JYXXdcDNRrCudo5Na3Wbd9wA1nE559abMHnm9DHCyoUU2hJ4eXBeMqlVDUa2HLE1-sCTvazyVNugVQz5HVtUeCk5IzKQO5_vA5PMdVve0KPaoWuY-pG4lqvcvWCp1UMOzDf_OZYjT3BNQ10e0jt3o-7U6uFKzT0ObvAzBZOURFMxMAF9zbm19g0vA4y4X97SQAvIJwK-RrJpOZm77_2FwJFhGoCQ3sC3amHy_5MRGcp2j1j7nPU071YpLVdMzdRqQVsw8TeWGGuX9bW0p_lJv1I1lYJMrSPYFB4JKEZ3zzPzKHSzKAMyXEnn2GOCenEL2PvYsGYWa0iI_jxBhcMxWT9j7pCF0AHoTlBVs1hGN2OTFzCnNxdkUr_0QHSubGivuSgF0Zb0VWbmNEVPIEJ-IrVq7DdjT5Ve7V_uis9BEzjlfOxQ&sai=AMfl-YSh7J1m8QIxAC6PbuCDCxjZn5aicqYF5AOkAm-kZfW72QBe92UKfeShP7PzrrIZKsgYYGTJAs1_PAMS4C028Injpf2iWapB7S8mSyJ-QLmQ84pOIXnKPsRKc_Uf-tamFqt-IgW49qzj1SfJo-EM9QrEZiul7cSE-Lm06p4iM5AjDOld_OwkxWXqLOpqiD-hSbTXfUtVsVZOO9SaxGN_bcSKKXhsKDujX-e1noU0K2HSGgi5PMqOpJuDN9K9MwLoz4NOJNElUTPCAlDw4a0OGDdyws8pOtU&sig=Cg0ArKJSzNHmikRW0uIwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=234&cisv=r20230510.59221&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 02:12:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 15 May 2023 02:12:27 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9644
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB8uw-tDFFgZwR3j_j0h1-U&google_cver=1&google_push=ATf1kGPXQ9i9c2oWk9QflwPC_dXTHGleLg-2l8iinPrHe2NBXAgaFXHNtnw1z77ZPFte0z3uTZZ5cSRE7rM-IzImeGxaTEVBmh8YhNQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDYwMTcwMjEzNjIxNzI0NDAxMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1

43 B
398 B

51ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 02:12:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ0x4LyF8PI1UIf1GNP_FHE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9644
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj7UZcWEMX2hMG95vmhuQvvl_iegVrfp4PoqeujXa3Zn7B59xgLdzPROR0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEN88y_wby2Mvk6WemMJKhlg&google_cver=1&google_push=ATf1kGNnvpaNR2VWWHEAtLscaxOD94G4ko456Oh81jGiqdj7UZcWEMX2hMG95vmhuQvvl_iegVrfp4PoqeujXa3Zn7B59xgLdzPROR0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9644
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8X...

43 B
408 B

176ms
176ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db268e90bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2793
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE-YM11_zwVL_TCNYe2Csl0&google_cver=1&google_push=ATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNtisFcon5RfDnk84L52uhUOOVLJh3J_DJ_mwoGPsuAA2Ouy5kkVKwZ2LdCWohY3xulRtSHXAEIiGsuxaWtxjccLLU5W8XsClA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db251d53bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9644
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJNRQXufpRY0WAxuSytefm0&google_cver=1&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4lhbQ-Y2dUyD0ACIA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4...

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4lhbQ-Y2dUyD0ACIA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B96219429E2A4E0AA58B7D898C52BD3A&google_push=ATf1kGPtp6SEcKJrid6eGwoArH3YzC2QuN5mi1aF6u8_cw052sSIsOBNvvIOC82MRjvJ9eWMzig_YvuUZqVo-S4lhbQ-Y2dUyD0ACIA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 May 2023 02:12:27 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9644 0
173 B 84ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMDSS0zzE2K4kBVzOywqHb0&google_cver=1&google_push=ATf1kGPJUYgvvim4YoVjlvLm1WhbzTKTWdFUSF3GAQfZSIy9sz-8FMwF3Bnpb2MLU1r6QcNk2ARzH6mCs3xd8P4GT2U0sy7f0HX9_Gg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9644
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIzlXkqc54QRtPk6mg1PHM4&google_cver=1&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN9s_2nqZeuTJN-xw

170 B
188 B

44ms
44ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN9s_2nqZeuTJN-xw

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMsgftTNW5wtf5KjpSVxUDOE8exsZZa2HyL2F4cuj2AEp2FUhF2q6Qk8SEDGb8yvQnByogWjlIHWIjKDYvN9s_2nqZeuTJN-xw
x-host: tde-deliveryengine-production-68bf66644b-jdtrm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9644
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIS-qan0y15kF7R9bCm19UI&google_cver=1&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdAMb...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdA...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdAMbQ5wg0JWDHkBmUIZ4KDxdhhg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMYi-B8efJTV0sFyOusvqiqN23oA_Dbp84vSXGGP4zZegexKXmn_m-uv9_qdSYq_au-DWRcdAMbQ5wg0JWDHkBmUIZ4KDxdhhg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9644 0
12 B 30ms
28ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiTyftD85yjXVcIwVai_dNY-vyAZ3DWl9_f1fxiszIKFsIYYZJ8x3OJ3pKGt6WkoHoEsC4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 8176 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=-M&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280&nras=3&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZIx3L4FbXX&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF4
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJYU0pZBT6mNUleHMpdI4uk&google_cver=1&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK30N-vy4afHOAE0f8u_WdrzCHscmUSjv1EyxOm0S1mu&google_hm=k-LnI3tl4lZ9...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK30N-vy4afHOAE0f8u_WdrzCHscmUSjv1EyxOm0S1mu&google_hm=k-LnI3tl4lZ998tuQnWohA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPLUUaSZokSlIhu48JRAPNdZ1-a9SCfsdouT4fYsLi3sN-_7FS8xK30N-vy4afHOAE0f8u_WdrzCHscmUSjv1EyxOm0S1mu&google_hm=k-LnI3tl4lZ998tuQnWohA
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0CF4 0
103 B 40ms
37ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEWAw6Z3Wz98wAzAPYaD7rM&google_cver=1&google_push=ATf1kGPVehukkuQy5dBHECywHE_1ngOHzZ9l5qSquFI0d_klrKHQf8qR6dh42PYVCr7-RFdj0pfVduMkxkDM1Wv_dn1pxqzNJpbzUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlco...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlcok-Jm_wYjx37-hQ9r4nOYLSOOJhOlvKeMNtxIuFHdyb7_ynpHbAlJFsw

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 02:12:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVVWU25YTHcxUFluSGw1&google_gid=CAESEFcUwHF6TYOpjFJpMLehnJw&google_cver=1&google_push=ATf1kGMzbhN0tcy86pypmQrVEM7MNJs6vKBc4f7KDh8nlcok-Jm_wYjx37-hQ9r4nOYLSOOJhOlvKeMNtxIuFHdyb7_ynpHbAlJFsw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0CF4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbI...

43 B
425 B

177ms
177ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db26fee7bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 170
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEERjFjSxa9z6-u6e46ACvfQ&google_cver=1&google_push=ATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPG-0w2LBLNqIKHrA2vkXHjhopR2eMIG1mPwcmCPG0rLdgTH9ms_-cMcm6bUBs30RDPOTuvxOjpBU8QINpG7KApZ243mbIC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c77db254d7ebb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0CF4 70 B
265 B 211ms
72ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDSWNGtekkQsnJko5AlF668&google_cver=1&google_push=ATf1kGP_BMGSzIDvzOnYkQEUV21UCXFWJ-x61Df1AcgLTOli0jJmJMigfSA-9D5C16dEZNDytzZROq0LeyKHwl-7zqE2H4KL4hhumQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG81uvqWvL5udiczym75pT8&google_cver=1&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDjb7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM0ODQxNDExMTI0NTIwODkzNg&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDj...

170 B
188 B

37ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM0ODQxNDExMTI0NTIwODkzNg&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDjb78g9sU-c2f1HOUQEhnDQkpA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM0ODQxNDExMTI0NTIwODkzNg&google_push=ATf1kGPgRRMKn75md71GJdjky6r5_xZ9EAJK5UQy18zL8JJuA93nQALSgFZNBZDb73nXfGynURjDDjb78g9sU-c2f1HOUQEhnDQkpA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OomMlZHnTkSY0cs74E_t7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OomMlZHnTkSY0cs74E_t7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMmlSRRafxLZtxToX7F96Y5K-W1c0uphRePGwafumSbtWFSiKGG28JjgbC6OQOqpi59kzKMnjPBSWo87_jPmN3vqSt7K39AtQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OomMlZHnTkSY0cs74E_t7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMmlSRRafxLZtxToX7F96Y5K-W1c0uphRePGwafumSbtWFSiKGG28JjgbC6OQOqpi59kzKMnjPBSWo87_jPmN3vqSt7K39AtQ
date: Mon, 15 May 2023 02:12:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CF4 0
12 B 30ms
28ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxCU3wVA_h012xPgXC7z_VQ7_Ak1JhEWt_qUc_10qUHZXfgSa1K0n2Y6Ut_o7Io06ABUbj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D82
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdHVkN3QUtGcDlDcXdBOQ==&google_gid=CAESECVl_iCOtf59IbEPWrQ7w7M&google_cver=1&google_push=ATf1kGNLfgr4uSgcu2JH7Lq_A7m6bQWmAs...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdHVkN3QUtGcDlDcXdBOQ==&google_gid=CAESECVl_iCOtf59IbEPWrQ7w7M&google_cver=1&google_push=ATf1kGNLfgr4uSgcu2JH7Lq_A7m6bQWmAs11-opuP6_SzeHX14IH7FjEFW5zyeu8Nk-JgOOed0IhfNni2fkok7y6pNNmzT60TCVZlko

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684116747.098452,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdHVkN3QUtGcDlDcXdBOQ==&google_gid=CAESECVl_iCOtf59IbEPWrQ7w7M&google_cver=1&google_push=ATf1kGNLfgr4uSgcu2JH7Lq_A7m6bQWmAs11-opuP6_SzeHX14IH7FjEFW5zyeu8Nk-JgOOed0IhfNni2fkok7y6pNNmzT60TCVZlko
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1D82 70 B
264 B 201ms
72ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEC1AfgDVmz6QCez2SKu2wyk&google_cver=1&google_push=ATf1kGNmJhxQttOr3uIEc-4Xle8Vl0UNv6V1PxqlGy-7xw9TpoCACtXiLEvubfq8H5QOXdlP-j_LfDlE3GldPbXh-HIVVGrOuXNTSQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D82
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGxVw6ZEocJRB7hQKqrVcgA&google_cver=1&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGmp0IOas4S4ufCgA

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGmp0IOas4S4ufCgA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xDaffRB_Sc6jeNrnQl1Gdg2&google_push=ATf1kGMs_jcUeEUXTvDvxo5INu_e3voUB4_tt2nMi2koskVJHACwyH4Me7K_LgSFH7bqzEWQ1EgBg77rsAuA-qGmp0IOas4S4ufCgA
x-host: tde-deliveryengine-production-68bf66644b-xcrw7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D82
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEZXZrbTwpx_3a2TCeAPgwI&google_cver=1&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f6...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEZXZrbTwpx_3a2TCeAPgwI&google_cver=1&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYd...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ce4c5967-36b7-47e7-a889-29af3c50b0cb&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ce4c5967-36b7-47e7-a889-29af3c50b0cb&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=9153499a-6cee-4dcb-ab11-16dc9f196f04&ssp=google&expires=30&user_group=5&bsw_param=ce4c5967-36b7-47e7-a889-29af3c50b0cb
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA&google_hm=zkxZZza3R-eoiSmvPFCw...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA&google_hm=zkxZZza3R-eoiSmvPFCwyw==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNYmq0FVsSE3Dyfx4jhQRTzWo5Pi1SMjrJhNm6qSo627Ztc5WRKGUFDyB3k3wWuriWdEahTJWfLBhZyYdCEM4f67GnIFIry5nA&google_hm=zkxZZza3R-eoiSmvPFCwyw==
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D82
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL4qqZ0Au3lPaqze87qDKs4&google_cver=1&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn0h...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn0hTQpBMYfjF7_VRXo1Negc8Q8

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2OTc0Mzg1Njc1MDA0NTY4MQ&google_push=ATf1kGMdKYlvV_lOpVPu2iGSajlC4Oq8r7n2tPfZMZGXOE_1wbhth55gL4XNgS4-YB7Cz7MefxklTn0hTQpBMYfjF7_VRXo1Negc8Q8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D82
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5flT58uG1hyM3o_z1Plaw&google_cver=1&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN_OVAfKLvRV9jHP6FK3o

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN_OVAfKLvRV9jHP6FK3o

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGDd0LgnFgz9FHwL9uIdKCm_vbNQNJaKq2hWSYd0probARFK9NhEAZuaXsuAcR1XAHsfHhVSllhwtN_OVAfKLvRV9jHP6FK3o
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 1D82
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED_1IxGbbkmr3dETw7Of2UI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMUh0iKsUtLVm_MGzKeR0BRnSCTWG6MJc6coKCBw3KvOHsIeWyuBs4KuldPkjwEdAX1D6H2JvBno7WcKInEthJ7E4A9lFpN8-pd
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1684116746&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116746026&bpp=1&bdt=1316&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280%2C630x280&nras=6&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Y2TZawLNJj&p=https%3A//securityaffairs.com&dtd=12
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Mon, 15 May 2023 02:12:27 GMT
pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D82 0
12 B 30ms
30ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJB-pasytGb0J1oKMow-X4CLFTDzHCartTCvluaPAh8UumvsHynYTrnyF-rG_oe2ulvLNKaQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4EBD 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 413621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 07:18:46 GMT
expires: Thu, 09 May 2024 07:18:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
expires: Mon, 15 May 2023 02:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 02:12:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 63E6 118 KB
40 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 07:18:46 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 63E6 63 KB
25 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 02:12:27 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame DC4B 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.37~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1684116746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146191%2Fdata-breach%2Fpersonal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684116745968&bpp=1&bdt=1258&idt=1&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92e35bac4877d421-2226535dd2dd00a8%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q&gpic=UID%3D00000c15a1fab411%3AT%3D1684116745%3ART%3D1684116745%3AS%3DALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6680538883783&frm=20&pv=1&ga_vid=1890257638.1684116745&ga_sid=1684116745&ga_hid=393260309&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44773810%2C42532090%2C42532186%2C44759875%2C44759926%2C31074512%2C44785293%2C44788441%2C44789923&oid=2&pvsid=1806537185195917&tmod=1624705890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=nykLkVZsL8&p=https%3A//securityaffairs.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EBD 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 834F 0
0 59ms
58ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujvHmbX56DlTbUFc1sih77cDRZOLlPJfAbb2q7m7JHzurO6VPlfjDAgNAh5_2Tkej1TZt2ZHwTjcCIshiRK51BMDGU6eaTHaVUM72EfuWPvTmBFE3TXbWLXss2kMxl3s4-QSSHLwgY5nxJ3C3iJ3RsXVq2dUBy50OspvVXh2J9m3AIBiejCE8ACzYI_9pNBEUKt0RMkRQkhxoNdf4pO9PgCRl1r1-BDcvalRTka3_VcL0XnLcCL6mYmkDrCGvnG-HZR9i9_qzMBr8AJRpzLu5is2gjQZjg9ufF-0uDz4UTfkMZPiaEQKjAehpku_E_ChPwhJMkVCUpXQ_vSWZrcqjbPVJK5jDD1kX8Kbb-qo0-YpGisK5lx70f8DEJmeO4yLULC401u8wkXOC8ldkX4TNPln-9BQnA-RN6nw7dT36imGZ7OyUJZen3PQwNPcc-Y2Z579eXqSk3Y4_kZJCvJZcFQwNHeNB3yn8e-H8D-jKmeDVaYW8ug4nKMSBjyGO4EtahrJJ_ismAWyNEGhGkrPDW7tIzkg7G-16MlQxBtIkvhPE0hdDEk1zMMc-mZzFg7aXya8zC90wCQMzowOFW3Zmg0AQVZKAgDFNc8xyoqr28RKaWcYxn0WLLu0ZHjI9eje0KJ_z15cf5f5gL-qXAxnSYBZLUr6JjaBRB4w7We_ksciJHN3mFVWMTCF8OIUeIaDZ8tkjKhgQcDXsIjYFYvoDlt11XFbYYeq1zdz5GtCDn7OO6eJzTZaRwhBOXlhRrXyxgvDN--o8GrQP9EjKVTv8Vrh5ZOxALiXWExzXrNuH9VFAYttOFryVfg9SG4Tc4LMoZVADNXY0nYSxNegpZC6GJI9G4-d89MtzjCPdQq0nGRr5cPTu4bZy1t6cYLn7PcPPQyzdW2ipX4MqL_5yP9ATLCfQdsVA3MTE1QphljVvxiqxjGVONiMpeCUeTQRcbfyA71EVid5mjuhffJZ00_hIwqL5Z5qdcM0JYXXdcDNRrCudo5Na3Wbd9wA1nE559abMHnm9DHCyoUU2hJ4eXBeMqlVDUa2HLE1-sCTvazyVNugVQz5HVtUeCk5IzKQO5_vA5PMdVve0KPaoWuY-pG4lqvcvWCp1UMOzDf_OZYjT3BNQ10e0jt3o-7U6uFKzT0ObvAzBZOURFMxMAF9zbm19g0vA4y4X97SQAvIJwK-RrJpOZm77_2FwJFhGoCQ3sC3amHy_5MRGcp2j1j7nPU071YpLVdMzdRqQVsw8TeWGGuX9bW0p_lJv1I1lYJMrSPYFB4JKEZ3zzPzKHSzKAMyXEnn2GOCenEL2PvYsGYWa0iI_jxBhcMxWT9j7pCF0AHoTlBVs1hGN2OTFzCnNxdkUr_0QHSubGivuSgF0Zb0VWbmNEVPIEJ-IrVq7DdjT5Ve7V_uis9BEzjlfOxQ&sai=AMfl-YSh7J1m8QIxAC6PbuCDCxjZn5aicqYF5AOkAm-kZfW72QBe92UKfeShP7PzrrIZKsgYYGTJAs1_PAMS4C028Injpf2iWapB7S8mSyJ-QLmQ84pOIXnKPsRKc_Uf-tamFqt-IgW49qzj1SfJo-EM9QrEZiul7cSE-Lm06p4iM5AjDOld_OwkxWXqLOpqiD-hSbTXfUtVsVZOO9SaxGN_bcSKKXhsKDujX-e1noU0K2HSGgi5PMqOpJuDN9K9MwLoz4NOJNElUTPCAlDw4a0OGDdyws8pOtU&sig=Cg0ArKJSzNHmikRW0uIwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=341&dett=3&cstd=234&cisv=r20230510.59221&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 May 2023 02:12:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1806537185195917&bg=!0dKl0obNAAYldGN0BXQ7ADkAdvg8WvTl8WpxiB-Y8wPTRcQ3MyTl7XfucuEFcrVW3VWrQhxIfcbWJTiZBeAoKnlbfZvqNc5pESACAAABiVIAAAACaAEHCgCMbfCYXWplNTuho4EvlQZHbhwfNX0ihViHlRsHg-okIFl4djL8e37gGMs55kdAn0nfgyRpZirtAlyxs67twDcBW9MNs_xepZbF6hNEGoSsQ_hYnfncrDDlywX4DQYRkUCLw4OgoXcaqp8FPTXdWGnydSP8G399gVCnwNe5xy9x79SVJnCpzekhrGfUrRmZArVlZDnAPYl43YdoDHFEQsuI1FE_kQHa44fpMS6D08yySvbQlx-vfFhvkKPdZJ1I3ZtoucdO9jGhlE4lDhxlFzy393xnHUgulZsdfojba-b2duV99vByXghbmvbLo2Fiak1WF167hae1mqwdMqYkkh_s_oBOTYVTT2B1l_GO_nGnYK-lJfIpL3yzAGVHRtQDDCNdScqZoaqF7GG8dhjLvQWs4lIYJOiRo8W3xRiSvivB9uGbQzEYnfws1WrY0Avjv1pDy6-4IvUoOrl4G8LWrmxgF7z40xg5nRwwFxaqiSF4sAjeoMSpQUzQsy_kverzgoOA78TYQB60BCLQaL5dzx5ZfO_uIGyR58WAa2HIaNVn-4E7D-Dis6KHt5sgXIvtuUj3uIODg91ECeZkQjNclknSzTS1tviyVSHGZGUSyUv6-7-zUhPMXoMxLGrmuLgWl2-ahzAlu-7iC87jpx1znXix69sPUfi6i-IO8XEsXcvzisV3qCYiP6x4oHB6kE8a9wq8lFKapA3Xls9YkTprem3W4BlPLbzj0phjynBXVbKo30S67d6hgGXT4050xUD-HkIvoz0iqO8CLJOCUipd8ZcZ4eK5UMKXkSMGmU4VgEajPj_jZRBkmxfPpvPu6W4ckwxlfG-QQl7mUr5uritPhcJrm0AC-CPFQGpMs2GQ_il1jlmhA8mbSGsc_ku7fOgB0znc3PfcY9NDhJ7YWTkXeO8jflWDCvcn5jwce2ZOdRvmzbuQLocNylaKbCXVGiAP0-LZNT2J1zENFFuCJBbKbMcolFah7tjCVoRyloxxC7WCKP0Z8kb-QzI7U7ogRpqxCidgk4-oFq4lv8kd5g27_lF_iUshfH03KWdIyiu_Ay2JI745UtgyJy4ryRE0-2sNQdyt1Aok8MXsak0ocY6Dz66INkNA1VM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 63E6 47 KB
47 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:02:34 GMT
x-content-type-options: nosniff
age: 593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 02:17:34 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 63E6 46 KB
46 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:08:34 GMT
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 02:23:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 63E6 7 KB
6 KB 68ms
67ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c25fc73e90af0bac87af8d20085c6af66ce28220aad7a12046dcd14cd2b725c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5690
x-xss-protection: 0

GET
H3 200 60005582_20230403054618305_APP_iPhone_14_Airpods_Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63E6 160 KB
160 KB 66ms
66ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403054618305_APP_iPhone_14_Airpods_Pro.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9331a76e62dd3e0053a589d108a922eb800d3790823ecb916a02a26a84b4e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 08:41:09 GMT
x-content-type-options: nosniff
age: 63078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163495
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 12:46:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 08:41:09 GMT

GET
H3 200 60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63E6 61 KB
61 KB 68ms
68ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:41:14 GMT
x-content-type-options: nosniff
age: 34273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62713
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 16:41:14 GMT

GET
H3 200 60005582_20230428072236790_300x600_LOOK-INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63E6 91 KB
91 KB 68ms
68ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230428072236790_300x600_LOOK-INTRO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dfcb3e556d5a49220e5f24163b13a9e21e9f8b0073dbf99228ffd399e9c0635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:15:37 GMT
x-content-type-options: nosniff
age: 61010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93379
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 14:22:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 09:15:37 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 63E6 43 B
608 B 126ms
33ms Image
image/gif 141.101.90.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354471562_170180369_PO2504A20230405&ref=29072291_4307561_354471562_170180369_PO2504A20230405
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 02:12:27 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 6587224
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 72628866
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7c77db27c9cb1e32-FRA
Expires: Tue, 14 May 2024 02:12:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 63E6 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 May 2023 02:12:27 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 63E6 26 KB
26 KB 40ms
40ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236408239449440256/300x600.html?e=69&leftOffset=0&topOffset=0&c=nZh2suBQZ2&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 02:07:48 GMT
x-content-type-options: nosniff
age: 279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 02:22:48 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D77 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:24:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBD 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf_QNCpVhZOeeJ4eOgQfvmZrQCgAAAAA4AeAEAg&bg=!5Oel57PNAAYldGN0BXQ7ADkAdvg8WiyMVyHDckIHsTftt9mtJOiCrYtcyPFs2IsKXKMGJTEP4Oo-yw8ppVKCXEVniYLFBSepm_oCAAAAg1IAAAACaAEHmQLCV6lGF_VIMEB2yPLJpEUZAmMb09pOm3xXwsbhO2DMaNSuZegiswu_HQfXVBbg9ROt8vQBASVgAN80u7VhUFzOF_TN8XC2cTho4dVhdiehMNF11e0tvXdBtFDgn5_6Xzz2OihYBHB_nRqEtoWo0-d6HTAdnZdPAx_uX2KEIunblHRkCicskJW-w7gYyrp406rGzUI07F8aWQ77Du5zwDb1P6W083C4fGm_bdYi7P9EfvcZW6NDSHWpxzBntGmIuTB7w7xda5I1cWVONOrUWabmrO71GQTFKsL5oKFSNtKDWL6mWeoEltyZImxpMwLgS_1goR8vEI1XVh1U-Du8dLY8Zygv1tF2YprnFf4wZsp-aD4FnnLZqspmhhRwuL4zOTcIKzX6W-RmoGC2YEi9EJUHQoTGR3OoK4mtiZG-2d1I5JjZqZFMvoKLRaus0MouEgO7kEoMUlaCEIE-NfD3ai7eU6WqP9ydYMr8lCe0R3y2FSQmR6G3Q0YPo3ROfOP_3XWJScNlu8alpa0otGh_PJIGPvGIy5HJI1AZZxOzYiWjMifghWEsYfyfpFNt7nuZhLT8RVqXkeR1MLHUZ9arvyJfrdD1zlNEpLaUgpGeRj4CO6VQvFCVhrGnZBJp19GnkcJxkSfNNfdsQyMPQ32QDz1tumIS7oWzgbdBMJmwYt89HYgcEp28Xvxwcy5maPeCxhmiZ4hb9WEynreM_3oR_w1wt-sFwzbs15MSn0blj3thDFWBWVSVqcksQ0L0nk7SxpZbz8xDwsDxrBI_Dn-4yH-nlem3YIfyeLiXWO4_wfbD_KCHysIBSXL7PME4kz0Aw10o1O6BLev5Zd0ks7F7i8mEb-8hIkiF_t9Wx_tvUeCqcIiP6R-Cg8nSQ-QwfhCTHwfKmUBMsB137xjWjBlORyzyaCjcZsWVkRZ1W83ZNRFO2YqadA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 834F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8408814284570&version=m202301230201&ct=76&x=1&cor=8981948642411048000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 02:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
securityaffairs.com/	1970-01-20 20:34:12	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.com/	1970-01-20 20:34:12	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.com/	1970-01-20 21:24:36	Name: _ga_NPN4VEKBTY Value: GS1.1.1684116745.1.0.1684116745.60.0.0
.securityaffairs.com/	1970-01-20 21:24:36	Name: _ga Value: GA1.1.1890257638.1684116745
.securityaffairs.com/	1970-01-20 21:10:12	Name: __gads Value: ID=92e35bac4877d421-2226535dd2dd00a8:T=1684116745:RT=1684116745:S=ALNI_MZTrflIioJK4LcnEaA3tE32oHyz3Q
.securityaffairs.com/	1970-01-20 21:10:12	Name: __gpi Value: UID=00000c15a1fab411:T=1684116745:RT=1684116745:S=ALNI_MYRrehVGRXyeKDiAl_D7CMPE3RYGA
.securityaffairs.com/	1970-01-20 21:24:36	Name: _ga_P62M3QN974 Value: GS1.1.1684116745.1.0.1684116745.0.0.0
.doubleclick.net/	1970-01-20 11:48:40	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:34:12	Name: CMID Value: ZGGVCnUeoK9q0bM0EhU4KgAA
.casalemedia.com/	1970-01-20 13:58:12	Name: CMPS Value: 2166
.casalemedia.com/	1970-01-20 13:58:12	Name: CMPRO Value: 2166
.adnxs.com/	1970-01-20 13:58:12	Name: uuid2 Value: 2918009360129772970
.doubleclick.net/	1970-01-20 21:10:12	Name: IDE Value: AHWqTUn1g15TwY2cfZqOroDmcD722mVLMO-FJb2zFIwYupaxSe1NR4lvV5k1XSBW4t0
.adnxs.com/	1970-01-20 13:58:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%w=%b78!@wnfH8K6pQK`!5=E<*L5?%K/[o=Vcki.wvk^FJ0.C4ip@:eCRAjOT4lP@(MP(hw9P-HC_#ttGl)cz+(
.quantserve.com/	1970-01-20 13:58:12	Name: d Value: EE8BCQH_KIEA
.quantserve.com/	1970-01-20 21:18:51	Name: mc Value: 6461950a-ec11c-25a85-3351d
.travelaudience.com/	1970-01-20 21:20:17	Name: _tracker Value: %7B%22UUID%22%3A%22C4369F7D-107F-49CE-A378-DAE7425D4676%22%7D
.adfarm1.adition.com/	1970-01-20 13:58:12	Name: UserID1 Value: 7233226346732058764
.simpli.fi/	1970-01-20 20:35:39	Name: suid Value: B96219429E2A4E0AA58B7D898C52BD3A
.adform.net/	1970-01-20 12:33:15	Name: C Value: 1
ads.travelaudience.com/	1970-01-20 21:20:17	Name: _tracker Value: %7B%22UUID%22%3A%22C4369F7D-107F-49CE-A378-DAE7425D4676%22%7D
.everesttech.net/	1970-01-20 20:34:12	Name: everest_g_v2 Value: g_surferid~ZGGVCwAKFp9CqwA9
.turn.com/	1970-01-20 16:07:48	Name: uid Value: 4601702136217244011
.adform.net/	1970-01-20 13:15:00	Name: uid Value: 4169743856750045681
.blismedia.com/	1970-01-20 20:34:16	Name: b Value: 6461950B54A6176EB85C6947BLIS
.w55c.net/	1970-01-20 21:20:17	Name: wfivefivec Value: mUVSnXLw1PYnHl5
.bidswitch.net/	1970-01-20 20:34:12	Name: tuuid Value: ce4c5967-36b7-47e7-a889-29af3c50b0cb
.bidswitch.net/	1970-01-20 20:34:12	Name: c Value: 1684116747
.bidswitch.net/	1970-01-20 20:34:12	Name: tuuid_lu Value: 1684116747
.pubmatic.com/	1970-01-20 11:50:03	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 12:31:48	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 20:34:12	Name: KADUSERCOOKIE Value: 3A898C95-91E7-4E44-98D1-CB3BE04FEDEF
.creative-serving.com/	1970-01-20 21:10:12	Name: tuuid Value: 9153499a-6cee-4dcb-ab11-16dc9f196f04
.creative-serving.com/	1970-01-20 21:10:12	Name: c Value: 1684116747
.creative-serving.com/	1970-01-20 21:10:12	Name: tuuid_lu Value: 1684116747
.tribalfusion.com/	1970-01-20 13:58:12	Name: ANON_ID Value: aQnseFo0P8fCmTN83vUKwPBnJknBmZa6cOZd0FIUk9KZbshvZd2A6tUVVQdpZcZcleJtgB1VZcZdbW2ZanC2R3WClU9M9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-4918072057181794&fa=1&ifi=11&uci=a!b&btvi=6&xpc=ob80rmKmIx&p=https%3A//securityaffairs.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.creative-serving.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
l.sharethis.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
portal.o2online.de
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
secure.gravatar.com
securityaffairs.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
13.32.99.51
141.101.90.97
142.250.184.226
142.250.186.34
151.101.194.49
185.64.190.78
185.80.39.216
185.83.142.19
192.0.76.3
192.0.77.2
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2600:9000:206f:8800:c:abe:f440:93a1
2606:4700:3031::6815:90b
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9b
2a02:fa8:8806:13::1370
2a04:fa87:fffe::c000:4902
3.122.133.176
3.127.5.255
3.33.220.150
3.65.121.173
3.66.128.19
34.160.236.64
34.96.105.8
35.190.0.66
35.204.74.118
35.227.252.103
37.157.6.237
51.89.9.254
85.114.159.118
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1e55fc3be6ae498157f7c2962e7b5f8e074a4bf1103a01a44508134ec4a976f0
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
23f3948c589322ebd2d1c502575a1e75104735f70b4d34e72a4dde3b8c24140a
244ce5f472c54baa981bec89cfa631badcb8be4b73360669be1430dd859d3f02
24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b2f565fbaab9a9c4ae80996779513ccc5962eb26fbd0d055117e569b386fd7
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2e0b6708d71c0dd409e989b70636163a6e603b6c8040754bdc06ce8d03d8c7be
3143074096fa0a8f9af6774d858bbcd27d56f3f109139792fb78c89c1643835a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
37f2434eb42d6beb733fe20be30ad702ab4e020cd2a0606c6e7cf9c0ad342c95
381996738de7ccebfb74774a4b0c8b2f23df94977f98a9895bcbbc204cc683b7
3f573e98383d19a1d3df3190b7de701ba603198b22ab6f7abf53b8fc5d5a0437
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
3faf76cc91fc1abfad38c0103e143ce39e9bcce46fdd0781b5eff34301a73008
4195b28781e325b0e1b8cd5520fc94b295a0fb710bfa2ecffa575087733e875b
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4656cc1c3dab161615a47917a6dc821df9bc78d6a242136640cb8d81a4bff172
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
47b86457b71f1d8348237f945523b7e5f22d08cfedfb058f3b514be2adb11f20
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9af3f7c0cf9a8df13c083582c740e1fa50fd10e00aff1940f51572edd9fbdb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4cff09acb52fa29c9e684d8f068f51c9b1a7bb67cf2a2c6698558a1c3325ad
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
706cb8388c4bc3ae2ffc55cfdbe059284cedacf4aaba77d7496ad5cd0d03e905
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
77e18136e493ac58b6bef8dd81e8da7f8d7818948b7698e6e779a39ca9ad80a2
77f0d80301b69879c211bf75475a1712ddd3ef8caf1fbd5c9cfd7c42f2426eb0
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
82a35a97cc337fa829a105ef16ec2eac8cb521b75b328e7123ddf0322226ce23
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
841a56292195b629f8507d7fa03bc2c256f8420c1d89ae2c704b5c1f19962380
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8c25fc73e90af0bac87af8d20085c6af66ce28220aad7a12046dcd14cd2b725c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
97765e23068ab7c9753037e78c140941f0214522e0fb6a3fa34db1ece576c0b6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dfcb3e556d5a49220e5f24163b13a9e21e9f8b0073dbf99228ffd399e9c0635
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a10c1fbed874f99c4e820832cb75b8007862b7e5e198f403c2685d1ddfe661ae
a2a972f003e9e2afb728ffa2397a67c434aabcbafb20f209d6dc03a7560cd99b
a2c43e39b23656d7e7b3aa326bc7758db27364c46ab5983100c09dc554a14a1d
a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
abd54f05f703b03c98279e65aeff2c8a876f4854059debbc9c95c106e218bac6
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b2f73fcd3c4c75ab646c509f241a57e045a5c07220e92865e38c993611025b65
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c85493df8667d75a1b87f716fd86dd562a2a9d96e1459fc732f31dfce6d4e3a9
c9331a76e62dd3e0053a589d108a922eb800d3790823ecb916a02a26a84b4e1a
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
de87f0b0914342ed9fb6688a81c09579aa1b2a90b670e4472a64d2b8decda85f
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
e74d41f3cd7933ac3b931c07614986971de12990b1098aab6424490a663bef74
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5dd6333f86324638910a2cad9120047b1df2c271269f064cd05e1d0e2878070
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fafd860e40b2dbfa4d5147dfa84c3aa982ccaa56cfe8747d423dffd5ef523fcf
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe1c5219cdf642c72c7941dc6d78811e92b999e4b0220fc7224e294897ef8ba2
fe96df10bbc5803df929f18888b2f9973b1cf26727ffa59b81bbeaaab1a32971

securityaffairs.com Open in urlscan Pro 2606:4700:3031::6815:90b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

267 Requests

88 %HTTPS

47 %IPv6

37 Domains

52 Subdomains

36 IPs

9 Countries

3423 kBTransfer

7291 kBSize

36 Cookies

18 Outgoing links

Redirected requests

267 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b Public Scan

Screenshot
Live screenshot

Full Image

267
Requests

88 %
HTTPS

47 %
IPv6

37
Domains

52
Subdomains

36
IPs

9
Countries

3423 kB
Transfer

7291 kB
Size

36
Cookies

267 HTTP transactions
6 data transactions