www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://offiee365.com/
Effective URL:
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Submission Tags: @phishunt_io
Submission: On July 30 via api (July 30th 2023, 4:20:26 pm UTC) from DE — Scanned from SG

Summary HTTP 240 Redirects Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 75 domains to perform 240 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 63718.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2023. Valid for: a year.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	111.235.137.30 111.235.137.30	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
1	104.20.59.209 104.20.59.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
35	104.26.13.6 104.26.13.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:15ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c02::61	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4003:c1a::63	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
2 23	104.18.0.32 104.18.0.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.249.88 13.224.249.88	16509 (AMAZON-02) (AMAZON-02)
1	13.227.254.14 13.227.254.14	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
1	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
1	74.125.24.149 74.125.24.149	15169 (GOOGLE) (GOOGLE)
1	23.35.185.76 23.35.185.76	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2404:6800:400... 2404:6800:4003:c0f::65	15169 (GOOGLE) (GOOGLE)
2	13.227.254.18 13.227.254.18	16509 (AMAZON-02) (AMAZON-02)
1 3	13.33.33.50 13.33.33.50	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4003:c01::9d	15169 (GOOGLE) (GOOGLE)
1	184.51.136.126 184.51.136.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6812:4a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4003:c11::9d	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.126.105.99 13.126.105.99	16509 (AMAZON-02) (AMAZON-02)
6	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:23d... 2600:9000:23d2:c800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.160.128.112 34.160.128.112	15169 (GOOGLE) (GOOGLE)
2 2	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	13.114.88.218 13.114.88.218	16509 (AMAZON-02) (AMAZON-02)
2 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
3 3	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	23.37.147.207 23.37.147.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.51.138.68 184.51.138.68	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.184.203 23.35.184.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.214.196.76 35.214.196.76	15169 (GOOGLE) (GOOGLE)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	54.151.239.45 54.151.239.45	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	103.71.26.126 103.71.26.126	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
1 1	2600:1f18:612... 2600:1f18:612b:4280:deca:219:b07a:54cc	14618 (AMAZON-AES) (AMAZON-AES)
1 1	42.99.140.195 42.99.140.195	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
5	104.18.1.32 104.18.1.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.209.255.232 3.209.255.232	14618 (AMAZON-AES) (AMAZON-AES)
1 1	165.227.251.217 165.227.251.217	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	52.7.166.254 52.7.166.254	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	52.84.228.19 52.84.228.19	16509 (AMAZON-02) (AMAZON-02)
1 3	18.155.68.40 18.155.68.40	16509 (AMAZON-02) (AMAZON-02)
1 2	18.155.68.39 18.155.68.39	16509 (AMAZON-02) (AMAZON-02)
12	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c06::9d	15169 (GOOGLE) (GOOGLE)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 3	2620:116:800e... 2620:116:800e:21:36b5:1576:d999:6e52	16509 (AMAZON-02) (AMAZON-02)
1	23.35.185.56 23.35.185.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.249.77 13.224.249.77	16509 (AMAZON-02) (AMAZON-02)
1	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	34.107.140.113 34.107.140.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.138.156.86 18.138.156.86	16509 (AMAZON-02) (AMAZON-02)
2	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
13	175.41.188.45 175.41.188.45	16509 (AMAZON-02) (AMAZON-02)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	207.65.33.78 207.65.33.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	18.155.65.200 18.155.65.200	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
1	184.51.137.72 184.51.137.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.228.22.200 13.228.22.200	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 1	18.138.96.199 18.138.96.199	16509 (AMAZON-02) (AMAZON-02)
3 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1 1	23.207.181.216 23.207.181.216	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.0.250.224 3.0.250.224	16509 (AMAZON-02) (AMAZON-02)
3 3	67.199.150.82 67.199.150.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	172.253.118.156 172.253.118.156	15169 (GOOGLE) (GOOGLE)
1 1	207.65.33.82 207.65.33.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	207.65.33.76 207.65.33.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
240	70

1 111.235.137.30 (Singapore) 1 redirects

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: web132.vodien.com

offiee365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.59.209 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.26.13.6 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.18.0.32 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-88.sin52.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-14.sin52.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

functionalfeather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.185.76 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-185-76.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c0f::65 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-18.sin52.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.33.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-50.sin2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c01::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.136.126 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-126.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:4a5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c11::9d (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.126.105.99 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-126-105-99.ap-south-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c04::9a (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23d2:c800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::9b (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com

api.floors.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.5.84.243 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.114.88.218 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-88-218.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.148.252 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.147.207 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-147-207.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.138.68 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-138-68.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.184.203 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-184-203.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.196.76 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 76.196.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.151.239.45 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-239-45.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.126 (Singapore) 2 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:deca:219:b07a:54cc (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

connatix-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.195 (Japan) 1 redirects

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-195.pacnet.net

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.1.32 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.255.232 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-255-232.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.227.251.217 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.166.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-166-254.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.228.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-19.sin2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.155.68.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-40.sin52.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.68.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-39.sin52.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::9d (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800e:21:36b5:1576:d999:6e52 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.185.56 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-185-56.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-77.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com

s2s.t13.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.156.86 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-156-86.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 175.41.188.45 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.155.65.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-65-200.sin52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.137.72 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.22.200 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-22-200.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.96.199 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-96-199.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.106.89 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.181.216 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.250.224 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-250-224.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.150.82 (Singapore) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.82 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.76 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bleepstatic.com www.bleepstatic.com — Cisco Umbrella Rank: 83883	833 KB
28	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3123 cds.connatix.com — Cisco Umbrella Rank: 3310 capi.connatix.com — Cisco Umbrella Rank: 1483 ins.connatix.com — Cisco Umbrella Rank: 4140 cks.connatix.com — Cisco Umbrella Rank: 6468 vid.connatix.com Failed	325 KB
15	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1331 match.sharethrough.com — Cisco Umbrella Rank: 578	9 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	1 MB
13	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 183 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	219 KB
11	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 354 aax.amazon-adsystem.com — Cisco Umbrella Rank: 444	66 KB
9	pubmatic.com 5 redirects ads.pubmatic.com — Cisco Umbrella Rank: 553 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 577 image8.pubmatic.com — Cisco Umbrella Rank: 673 image2.pubmatic.com — Cisco Umbrella Rank: 1021 image4.pubmatic.com — Cisco Umbrella Rank: 1249	5 KB
7	t13.io s2s.t13.io — Cisco Umbrella Rank: 5069	9 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 mug.criteo.com — Cisco Umbrella Rank: 2490 bidder.criteo.com — Cisco Umbrella Rank: 704	2 KB
6	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2230	487 B
6	gstatic.com www.gstatic.com fonts.gstatic.com	67 KB
6	pub.network a.pub.network — Cisco Umbrella Rank: 5459 d.pub.network — Cisco Umbrella Rank: 5714	389 KB
5	intentiq.com 2 redirects api.intentiq.com — Cisco Umbrella Rank: 1447 sync.intentiq.com — Cisco Umbrella Rank: 1172 sync1.intentiq.com — Cisco Umbrella Rank: 3250	4 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 350	2 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 840 tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 869	14 KB
4	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 403 tlx.3lift.com — Cisco Umbrella Rank: 631	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1059 api.btloader.com — Cisco Umbrella Rank: 1125	84 KB
4	optimise.net optimise.net — Cisco Umbrella Rank: 6826	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	21 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017 cms.quantserve.com — Cisco Umbrella Rank: 802	10 KB
3	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 pixel.rubiconproject.com — Cisco Umbrella Rank: 380	949 B
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 461 ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 379	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
3	functionalfeather.com functionalfeather.com — Cisco Umbrella Rank: 50014	23 KB
3	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 26012 cdn.firstimpression.io — Cisco Umbrella Rank: 24398	101 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 321	503 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1627	296 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 837 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	media.net cs.media.net Failed prebid.media.net — Cisco Umbrella Rank: 1330	554 B
2	openx.net us-u.openx.net Failed oajs.openx.net — Cisco Umbrella Rank: 1490	486 B
2	sundaysky.com 2 redirects vop.sundaysky.com — Cisco Umbrella Rank: 3034	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 784	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 513	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 714	1 KB
2	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 755	774 B
2	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 608	533 B
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1394	2 KB
2	floors.dev api.floors.dev — Cisco Umbrella Rank: 9174	5 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1143	1 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 40923	33 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1458	96 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	136 KB
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 606	587 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 677	524 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1453	504 B
1	quantcount.com rules.quantcount.com Failed pixel.quantcount.com — Cisco Umbrella Rank: 4058	160 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 599	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1581	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1658	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	897 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3316	162 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	57 KB
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1515	395 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1074	522 B
1	resetdigital.co 1 redirects sync.resetdigital.co — Cisco Umbrella Rank: 3170	418 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 563	666 B
1	tremorhub.com 1 redirects connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 13976	426 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1054	281 B
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 6004	455 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 554	860 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 912	459 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	610 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 595	482 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2363	10 KB
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6637	466 B
1	addthis.com s9.addthis.com — Cisco Umbrella Rank: 144341	362 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1320	1 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 30687	2 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	233 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79 imasdk.googleapis.com Failed	1 KB
1	bleepingcomputer.com www.bleepingcomputer.com — Cisco Umbrella Rank: 63718	16 KB
1	offiee365.com 1 redirects offiee365.com	149 B
0	sonobi.com Failed apex.go.sonobi.com Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
240	75

	Domain	Requested by
35	www.bleepstatic.com	www.bleepingcomputer.com www.bleepstatic.com
15	cks.connatix.com	1 redirects blank www.bleepingcomputer.com
13	btlr.sharethrough.com	a.pub.network
12	tpc.googlesyndication.com	googleads.g.doubleclick.net
9	aax.amazon-adsystem.com	c.amazon-adsystem.com
9	capi.connatix.com	1 redirects www.bleepingcomputer.com cds.connatix.com blank
7	s2s.t13.io	a.pub.network blank
6	id.hadron.ad.gt	cdn.hadronid.net a.pub.network
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.bleepingcomputer.com
5	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net cds.connatix.com
5	a.pub.network	www.bleepingcomputer.com a.pub.network
4	x.bidswitch.net	3 redirects blank
4	optimise.net	a.pub.network
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	image8.pubmatic.com	3 redirects
3	api.intentiq.com	1 redirects a.pub.network blank
3	match.adsrvr.org	2 redirects a.pub.network
3	api.btloader.com	freestar-io.videoplayerhub.com
3	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com www.googletagservices.com
3	sb.scorecardresearch.com	1 redirects a.pub.network www.bleepingcomputer.com
3	fonts.gstatic.com	fonts.googleapis.com
3	functionalfeather.com	a.pub.network functionalfeather.com
3	www.gstatic.com	www.bleepingcomputer.com googleads.g.doubleclick.net
2	match.sharethrough.com	blank
2	ups.analytics.yahoo.com	1 redirects blank
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects blank
2	hbopenbid.pubmatic.com	a.pub.network
2	prebid.media.net	a.pub.network
2	bidder.criteo.com	a.pub.network
2	tlx.3lift.com	a.pub.network
2	mug.criteo.com	blank
2	gum.criteo.com	1 redirects
2	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
2	vop.sundaysky.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	id.rlcdn.com	1 redirects www.bleepingcomputer.com
2	ads.pubmatic.com	cds.connatix.com ads.pubmatic.com
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.prod.bidr.io	1 redirects www.bleepingcomputer.com
2	ssum.casalemedia.com	2 redirects
2	api.floors.dev	a.pub.network
2	ad-delivery.net	www.bleepingcomputer.com
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	cdn.confiant-integrations.net	a.pub.network cdn.confiant-integrations.net
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	cds.connatix.com	cd.connatix.com cds.connatix.com
2	www.googletagmanager.com	www.bleepingcomputer.com www.googletagmanager.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	cms.quantserve.com	1 redirects
1	stags.bluekai.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	a.teads.tv	a.pub.network
1	pixel.quantserve.com	blank
1	pixel.quantcount.com	secure.quantserve.com
1	ib.adnxs.com	1 redirects
1	static.criteo.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	s.ntv.io	a.pub.network
1	secure.quantserve.com	a.pub.network
1	www.googletagservices.com	googleads.g.doubleclick.net
1	sync1.intentiq.com	blank
1	sync.intentiq.com	1 redirects www.bleepingcomputer.com
1	sync.technoratimedia.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	sync.resetdigital.co	1 redirects
1	ads.stickyadstv.com	1 redirects
1	connatix-supply-partners.tremorhub.com	1 redirects
1	csync.loopme.me	1 redirects
1	i.ctnsnet.com	1 redirects
1	bh.contextweb.com	1 redirects
1	eus.rubiconproject.com	cds.connatix.com
1	secure-assets.rubiconproject.com	1 redirects
1	ad.turn.com	1 redirects
1	ins.connatix.com	cds.connatix.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.adsafeprotected.com	www.bleepingcomputer.com
1	cdn.hadronid.net	www.bleepingcomputer.com
1	btloader.com	www.bleepingcomputer.com
1	freestar-io.videoplayerhub.com	1 redirects
1	s9.addthis.com	www.bleepingcomputer.com
1	widgets.outbrain.com	www.bleepingcomputer.com
1	ad.doubleclick.net	www.bleepingcomputer.com
1	d.pub.network	a.pub.network
1	ecdn.firstimpression.io	www.bleepingcomputer.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	cd.connatix.com	www.bleepingcomputer.com
1	www.google.com	1 redirects
1	fonts.googleapis.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
1	offiee365.com	1 redirects
0	rules.quantcount.com Failed	secure.quantserve.com
0	apex.go.sonobi.com Failed	a.pub.network
0	vid.connatix.com Failed	cds.connatix.com
0	imasdk.googleapis.com Failed	cds.connatix.com
0	cs.media.net Failed	www.bleepingcomputer.com
0	us-u.openx.net Failed	www.bleepingcomputer.com
0	cs-server-s2s.yellowblue.io Failed	cds.connatix.com
240	111

This site contains no links.

Subject Issuer	Validity	Valid
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-04` - `2024-05-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
analysis.fi Amazon RSA 2048 M01	`2023-02-28` - `2023-12-02`	9 months	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
functionalfeather.com R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
optimise.net GTS CA 1D4	`2023-07-24` - `2023-10-22`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-07-23` - `2023-10-21`	3 months	crt.sh
hadronid.net GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.escalated.io Amazon RSA 2048 M01	`2023-03-28` - `2024-04-25`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
api.floors.dev GTS CA 1D4	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
s2s.t13.io GTS CA 1D4	`2023-07-16` - `2023-10-14`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-02-03` - `2023-11-21`	10 months	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Frame ID: 4A777B5BE9B6823FBD2AAB5B6FCE4CC8
Requests: 180 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: ED30516967EB87D01034D1172DD8C4B1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 70759ACE03FF9B24E015627D9150446F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147
Frame ID: D30D4C2181D46ADF1D3BBFECF1EE97DB
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1643380172&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986697&bpp=2&bdt=584&idt=138&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=8625009206862&frm=20&pv=1&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=156
Frame ID: D5096118F9B22B858F79C177A72FDB22
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: D778A3D877C2631C3100F503BDD83C8A
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: D7D8D0D0BCF8B338E170A7ABAF82A8E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D4ff326573fb34c6ab66de0373c8f757f%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 6293E1048D69335624AB8808413B690C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://offiee365.com/ HTTP 302
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

240
Requests

76 %
HTTPS

32 %
IPv6

75
Domains

111
Subdomains

70
IPs

9
Countries

3817 kB
Transfer

9264 kB
Size

90
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://offiee365.com/ HTTP 302
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 53

https://capi.connatix.com/core/sync?v=304133 HTTP 302
https://capi.connatix.com/core/sync?v=304133&final=true

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&c8=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&c8=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&c9=

Request Chain 60

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 94

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dIndex%26api-tier%3d2%26uid%3d&gdpr=0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
https://cks.connatix.com/cks?pid=17&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Index&api-tier=2&uid=ZMaNo6mDp5YM5xBfD.0b7QAA%265326

Request Chain 95

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid}&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1

Request Chain 96

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=d5241a23-0565-41d2-9b04-6de9303bf1c0&ttl=1693325987

Request Chain 97

https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dAmobee%26api-tier%3d2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=21&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Amobee&api-tier=2&uid=8037134907376619512

Request Chain 98

https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dTripleLift%26api-tier%3d2%26uid%3d%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID HTTP 302
https://cks.connatix.com/cks?pid=25&ev=4ff326573fb34c6ab66de0373c8f757f&pname=TripleLift&api-tier=2&uid=221901828531360008247

Request Chain 99

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d4ff326573fb34c6ab66de0373c8f757f%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%253d%2524UID%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=6&ev=4ff326573fb34c6ab66de0373c8f757f&pname=AppNexus&api-tier=2&uid=5026211438562898588&gdpr=0

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0

Request Chain 102

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dPulsePoint%26api-tier%3d2%26uid%3d%25%25VGUID%25%25&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=13&ev=4ff326573fb34c6ab66de0373c8f757f&pname=PulsePoint&api-tier=2&uid=VUmNLk5FobM0

Request Chain 103

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCrimtan%26api-tier%3d2%26uid%3d%5Buser_id%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=28&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Crimtan&api-tier=2&uid=137a6b61b9c64406ae828b43dfd926b4

Request Chain 104

https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dLoopMe%26api-tier%3d2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=18&ev=4ff326573fb34c6ab66de0373c8f757f&pname=LoopMe&api-tier=2&uid=26c44ff8-0e87-4016-bb9e-71398e1d4f66&pubid=11186&gdpr=0

Request Chain 105

https://id.rlcdn.com/712202.gif?cparams=4ff326573fb34c6ab66de0373c8f757f&gdpr=0 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCKObmqYGEgUI6AcQAEIASiA0ZmYzMjY1NzNmYjM0YzZhYjY2ZGUwMzczYzhmNzU3Zg

Request Chain 106

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId}&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId}&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D4ff326573fb34c6ab66de0373c8f757f%2526pname%253DCentro%2526api-tier%253D2%2526uid%253Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%2526gdpr%253D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D4ff326573fb34c6ab66de0373c8f757f%2526pname%253DCentro%2526api-tier%253D2%2526uid%253Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%2526gdpr%253D0&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DCentro%26api-tier%3D2%26uid%3Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DCentro%26api-tier%3D2%26uid%3Dc10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=9&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Centro&api-tier=2&uid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0

Request Chain 107

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID&gdpr=0 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID&gdpr=0&__user_check__=1&sync_id=e6d107f8-2ef4-11ee-be8a-195c47230407 HTTP 302
https://cks.connatix.com/cks?pid=10&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SpotX&api-tier=2&uid=e6d107c4-2ef4-11ee-be8a-195c47230407

Request Chain 108

https://connatix-supply-partners.tremorhub.com/sync?UISCX=4ff326573fb34c6ab66de0373c8f757f&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dTelaria%26api-tier%3d2%26uid%3d%5bTVUSER_ID%5d&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=5&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Telaria&api-tier=2&uid=ea1a16710bb14344a58413ebc07a9f21

Request Chain 109

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=487429a916cbf691919fa35f7822a0&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

Request Chain 111

https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSundaySky%26api-tier%3d2%26uid%3d%24{ssky_uuid}&gdpr=0 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSundaySky%26api-tier%3d2%26uid%3d%24{ssky_uuid}&gdpr=0&_cvt=t HTTP 302
https://cks.connatix.com/cks?pid=1&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SundaySky&api-tier=2&uid=d6.50035bc9ba8a414880a36e89df97569a

Request Chain 112

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dResetDigital%26api-tier%3d2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=35&ev=4ff326573fb34c6ab66de0373c8f757f&pname=ResetDigital&api-tier=2&uid=00000106DDD2C5A6

Request Chain 113

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dAdelphic%26api-tier%3d2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=29&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Adelphic&api-tier=2&uid=737de7c6-2c30-461a-92bd-08a91b540027

Request Chain 114

https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=4ff326573fb34c6ab66de0373c8f757f&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSynacor%26api-tier%3d2%26uid%3D%5BUSER_ID%5D%26direct%3D1&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=26&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Synacor&api-tier=2&uid=GDPR&direct=1 HTTP 302
https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=GDPR&UserId=&tier=2

Request Chain 117

https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NGZmMzI2NTczZmIzNGM2YWI2NmRlMDM3M2M4Zjc1N2Y&extra1=4ff326573fb34c6ab66de0373c8f757f&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
https://capi.connatix.com/us/google/report?extra1=4ff326573fb34c6ab66de0373c8f757f&gdpr=0

Request Chain 122

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrnd=342_1690733987093&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrnd=342_1690733987093&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=v2NtfahRZN&nc=false&trid=325468713

Request Chain 166

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=E6gTy3xxQXdXemdtdmFhNFBOSUxmZm0zaWt6SStFT1dmS0lkTlBVMHExcGVmUFJsb0Z1M3BYRGt5QzdjWFlyQ3JwM2xzQjBpazhtQkZwcmtpZmYrejdudkNGUWRYTnZjcmpPMnZqSTRHT0tKUUJiaGx1Z0dDOUs4UDJZNURTaVhPODAwRkxBUlJadm93bzFwTlJrNEU4MUVFbFpQRUlSUVpidVRKVXBXMGt2Q2VpRi90K2FxQ1p3ZXQ3QXZQdU1TRGJhUFVDeFBGZHZIV01VdytweldmSlBQVGpyc3NzM0dYaGd3QW1PblQ2Z1JMVEY3ZThETmZYY2h2UXk2czRvNDFaVm9pfA&cppv=2

Request Chain 167

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000&ckls=true&ci=gs7v87sowi&nc=false&trid=eb9635eb-4e35-42ef-83ae-36f103b82af4

Request Chain 193

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=5026211438562898588

Request Chain 227

https://oajs.openx.net/esp?url=about%3Ablank&rid=esp HTTP 302
https://oajs.openx.net/esp?url=about%3Ablank&rid=esp&cc=1

Request Chain 235

https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3aLpIaJBB2Jd8SiNNrZB&gdpr=&gdpr_consent=&us_privacy=

Request Chain 236

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=468f9b7f-eed8-4251-9e38-8136f234f213

Request Chain 237

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://s2s.t13.io/setuid?bidder=rubicon&uid=LKPND530-D-HIKX

Request Chain 238

https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1&verify=true

Request Chain 239

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://stags.bluekai.com/site/92145?id=468f9b7f-eed8-4251-9e38-8136f234f213&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=

Request Chain 240

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=7GOR4OIzk-X3MpTu7WHf4ekxk-f3YJfh6WUoXSpu

Request Chain 241

https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg3RDc5NkItNkQ1MC00NDlFLUEwOUYtRTlFODc2NTMyNzRD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D687D796B-6D50-449E-A09F-E9E87653274C&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=687D796B-6D50-449E-A09F-E9E87653274C

240 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Redirect Chain

https://offiee365.com/
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

71 KB
16 KB

1333ms
1309ms

Document
text/html

104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370a664a8626eb3f85a65af5b6297eee405bf429d24800d4cc95409b54bc09ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7eeeeccd0e344697-SIN
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sun, 30 Jul 2023 16:19:46 GMT
expires: 0
last-modified: Fri, 28 Jan 2022 14:29:32 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 30 Jul 2023 16:20:10 GMT
location: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
server: Apache

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 19ms
8ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 16:19:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 119 KB
20 KB 32ms
16ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4081
etag: W/"624975547"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks5Chf242JN%2FiUrygINkfKELTEHZ%2Bnj7LzzR0yp3KGqfS0Ff%2F4UikvgfKPbbDslkrnOXWrEW%2B58rsfHaUqdVE329e4WWwA78%2BtGI9lZFVMtEIcnKrx4faAuZvGELODLuyRRZduE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9248fa-SIN
expires: Tue, 14 Mar 2023 04:05:36 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 52 KB
11 KB 29ms
13ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8d5ddfd2b17ba6fbf78f65d8dbf690631d5a609102caea35467a6401ab3d669

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1635
cf-polished: origSize=65945
cf-bgj: minify
last-modified: Wed, 17 May 2023 23:06:54 GMT
server: cloudflare
etag: W/"3412489487"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvMVRfJ68IMh5Kq8IkEh1ND8WFGieqxx11OTsGcpXLr9kftagxusM9c0FTvcyTVzYiP4tsmTKOS5jRkFhqptSWEx2D5OBi%2BoKQfB8Utn5Zf6zlZZARv0wz0KkeFkXBntTipCZlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9448fa-SIN
expires: Fri, 23 Jun 2023 14:12:47 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 30ms
13ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590
cf-polished: origSize=15024
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 03:04:07 GMT
server: cloudflare
etag: W/"327631530"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uhh3qh8L7FSMGF03J0k2vSFPep38tw5FHVVSOZ6hSlrEmli3GGDlGJi2VeuDiFlOA09IJo85DohqBNFybexR6rMGd8p0JI8E7AwDpAYotVAq31PkxcQodhU5IUAtwbcWpvSuJcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9548fa-SIN
expires: Mon, 20 Feb 2023 17:33:58 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 28 KB
6 KB 28ms
12ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22327d45d658f8a0244b2ce61448c6476e4057e51123111654bbd073ce6465c8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 865388
cf-polished: origSize=35261
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 15:56:13 GMT
server: cloudflare
etag: W/"1119194514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcLdGlzN4MW0FpIJwsI9FxtCV47FBBIFaRO3FJS%2Frf8n%2FokrYfOVvmoCVk216vobDxxjkR3ep4V3%2F%2BS5pUsQ3OuNEYvmJIB8w%2BSmU2shONXh%2F66zDqBybDXfG5juGVODrGIfwoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9648fa-SIN
expires: Thu, 24 Aug 2023 15:56:38 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.bleepstatic.com/js/redesign/ 87 KB
32 KB 30ms
14ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 May 2020 23:02:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1635
etag: W/"1177690299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DN5oIY3cu0zuybsS800RHGlCfFqKvNgohGgQ7BXxWJoGPVXI9AHB0QwodLG6ZgsAEJ2IY9rYW7cZnUK0ktsWVnzsJr1uvBD8QlcW5crIJq2XQ6Qh1XZ76fqfRjfS4DWHj2leX%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9848fa-SIN
expires: Tue, 14 Mar 2023 04:11:42 GMT

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
www.bleepstatic.com/js/redesign/ 10 KB
4 KB 27ms
11ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2016 01:26:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1635
etag: W/"2177127834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8wj0lVTzc7vx00le4A6JaOGO0J6WlZLwxRqSfwVe4pvxqJYvKoVpTsZ%2FvkfmQFmx0K0%2FVjdk592NQN%2FinbgYGPSb82rLijcA8fjy44vgSHO1utP4I96Cw2LiAycaB7ZRGbFGf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd55a9948fa-SIN
expires: Sat, 16 Apr 2022 00:09:55 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
588 B 10ms
9ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6259
cf-polished: origSize=247
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lac3fQREF%2BYSkCcZ9sYowjN1LDdQGfm4pE%2B9Q%2FkDhUPwOCI9jrHNdLQpu0N1JV4U2M3WLC4hBMyy2O82NtdgRKIrA2k%2FBBxfzj8KZ%2BjjOlaTT5vxfNGRq59AqKn6z1uTJS8AdHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd57ab748fa-SIN
expires: Tue, 14 Mar 2023 04:05:35 GMT

GET
H2 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 33ms
11ms Stylesheet
text/css 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/cls.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 546
x-guploader-uploadid: ADPycdslu_dK35h6F4AGz5i-oXQdMig-FZt6poXY4l_olgJrRpqJSvBzh7U63F3f2MJObuKaXnNiePDJNmYle0ZBrK3b2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation: 1666967770269941
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 7eeeecd56d8b06ab-SIN
expires: Sun, 30 Jul 2023 17:19:46 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 107 KB
39 KB 19ms
19ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a177c29748268e19475d95be08d63dc9c847d9dc43ac712d8cf87700c37520d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 177085
x-guploader-uploadid: ADPycdvbtkVcKxaoRRNiSNuQBDFH2GfZqz-2RAPInwTAxoSvgeUf_HFVDR_oWOqvTMJPnX54eWSSPO3MpPFcJe8LmrA4eQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 24 Jul 2023 16:38:54 GMT
server: cloudflare
etag: W/"311e76bc2d500408824a3f61afc95b22"
vary: Accept-Encoding
x-goog-hash: crc32c=NkcRMg==, md5=MR52vC1QBAiCSj9hr8lbIg==
x-goog-generation: 1690216734085026
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 109114
cf-ray: 7eeeecd57da906ab-SIN
expires: Sun, 30 Jul 2023 16:49:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 18ms
6ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acc9b594db67368ec37c4269726fd1ad820a6a165dd437e1fd67b4b5bf2e1901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
2 KB 10ms
9ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1271289
cf-polished: origFmt=png, origSize=1882
content-disposition: inline; filename="logo.webp"
content-length: 1152
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiDXnJ52Kgolj28VYOFB6T5Ajd2ZfmmkNfg2HoG4Yxn%2BC7Riw4ErRdnYJNRcVZiK3uhA%2Bja4pDzfFUj7f8X4eg71sYUh3yAXnaQzYqamNkGEGi68lkQnpphvMNyyBMylUkFtCXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd5db1248fa-SIN
expires: Mon, 14 Aug 2023 23:11:36 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

12ms
4ms

Script
text/javascript

2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 30 Jul 2023 21:21:51 GMT

Redirect headers

date: Sun, 30 Jul 2023 16:10:43 GMT
x-content-type-options: nosniff
server: sffe
age: 543
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Sun, 30 Jul 2023 16:40:43 GMT

GET
H2 200 connatix.playspace.js Show response
cd.connatix.com/ Frame ED30 8 KB
4 KB 42ms
13ms Script
application/javascript 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911cdaf421bfdfdf43fed82374a1a49adfc7b92e8ea36eccfcd9860c304af655

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7eeeecd5fd11a077-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 23ms
5ms Script
application/javascript 13.224.249.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-88.sin52.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:54:16 GMT
content-encoding: gzip
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 1530
x-cache: Hit from cloudfront
content-length: 1696
last-modified: Tue, 30 May 2023 11:07:18 GMT
server: Apache/2.4.54 (Debian)
etag: "1090-5fce734db8580-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: yGKw1OQZ94cycX-3gJe9TRxMJ6aunmJEa1XSF-cdn8jv0ut89DOFOA==

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 349 KB
92 KB 24ms
5ms Script
application/javascript 13.227.254.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-14.sin52.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

2d0699fe75b9d4b558b1d3b7deb9c80c090ff8ce03fbb821ee5c8919320d8612

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:04:15 GMT
Content-Encoding: br
Via: 1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
Age: 931
X-Powered-By: PHP/8.2.0
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 0
Last-Modified: Sun,30 Jul 2023 16:04:15 UTC
Server: Apache/2.4.54 (Debian)
ETag: W/"d262e2283485b8e6a3fc96dc4d028db3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Id: de_ahT_Xykxo5NlaiMzlk1zglUipZpLffwwwFd2AzsuxeYlVR7wCjw==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 029ae298256b2ed8ae3a727d89d869756f97e3.js Show response
functionalfeather.com/scripts/ 64 KB
23 KB 68ms
52ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/scripts/029ae298256b2ed8ae3a727d89d869756f97e3.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1e0e71d5765a0b81f92b38844db63ac4214be63c113d70e19a39f5893426432a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sun, 30 Jul 2023 16:19:46 GMT
x-datacenter: gce-asia-east1
etag: "415b3436b4249c59cd3858bcca05f62a7e5fb759b2900747fbf323e244974941"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-asia-east1-spot-shtg
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 946550297
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 configs Show response
d.pub.network/v2/sites/bleepingcomputer-com/ 72 KB
7 KB 73ms
53ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: ff32e139f647a0c17245a718df4c9f46c236e42dc77ca006d9206b8fc95e4537

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
501 B 12ms
12ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 476
cf-polished: origFmt=png, origSize=187
content-disposition: inline; filename="login_bg.webp"
content-length: 126
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiFNZU5%2BbbbnwDMl2szz94PmBeMi70SvkH4XQ3LWH6y4I5N3ydgFCELiiFsNXsf5nfBNJHu1Jtqck7RaVblJ8zosom4hn1fcyLoLtCpYVTYi%2F8Sqf66qE7PsPwecPUHqPsPXdxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd60b4748fa-SIN
expires: Thu, 29 Jun 2023 20:33:43 GMT

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
451 B 8ms
8ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145085
cf-polished: origFmt=png, origSize=83
content-disposition: inline; filename="nav_bg.webp"
content-length: 72
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAhUdbBhpFbn3n358CEgvbeolEw3OZ68U8gtERKXM4UlMlaCsqGvZGiv0e2heWt5JqXJT%2BI68iE2R%2FnU3C05Ky01tgZzF%2BKWWr8tG4%2FUxl9pcTT%2F575pvJfHdJ%2BB0VsDYg1jMjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd60b4948fa-SIN
expires: Mon, 28 Aug 2023 00:01:40 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
802 B 8ms
8ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 865138
cf-polished: origFmt=png, origSize=824
content-disposition: inline; filename="20x20-printer.webp"
content-length: 422
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aE8LzyvEPdN2r8feP4oxN0xFbr2jLoblBJl4w1rvThbOVZRVRVlKi4eL0jaiG81ZDR942MJYR77MCp5UZ3g4m3BeAYHjOpMFy%2FtxjMvBB1%2BzpP8dsrAyVjSrr33Xu2UnwDr0ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd60b4a48fa-SIN
expires: Sat, 19 Aug 2023 16:00:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 15ms
4ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 22:54:50 GMT
x-content-type-options: nosniff
age: 321896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 22:54:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
5ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 22:35:18 GMT
x-content-type-options: nosniff
age: 323068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 22:35:18 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 18ms
3ms Image
image/x-icon 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 20:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jul 2023 20:19:57 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 182ms
55ms Image
image/svg+xml 23.35.185.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.185.76 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-185-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Tue, 29 Aug 2023 16:19:46 GMT
date: Sun, 30 Jul 2023 16:19:46 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 connatix.playspace.js Show response
cds.connatix.com/p/304133/ Frame ED30 1 MB
291 KB 40ms
26ms Script
application/javascript 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d27c342b04aa666c036eb42d702e47fb759e8df9a9babc808a0fe4d3377e804

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
x-amz-version-id: 5ryv.iHF2eS1ZmckIvTs2zGQe62v6Bdm
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Jul 2023 13:42:49 GMT
server: cloudflare
etag: W/"7bd14d555c281741e1d918fe1c48856a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7eeeecd65d58a077-SIN
access-control-allow-headers: range
expires: Mon, 29 Jul 2024 16:19:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
87 KB 6ms
5ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a43fc0ed2f7280379ce67734ba40e033dbd00f5f96e9b69a9d79dca22161d6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 13ms
4ms Script
text/javascript 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 15:10:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 30 Jul 2023 17:10:42 GMT

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 39 KB
8 KB 267ms
242ms XHR
application/json 13.227.254.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&charset=UTF-8&ch=16&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=58671954
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-18.sin52.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9a8b05cd707a47ba5ca8d535ce568c0f35670894a9b9377f28aea5dbf39e3a79

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:19:46 GMT
Content-Encoding: gzip
Via: 1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 7805
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: IRwOw0zWNNxSrxO-y030SdYhRk_gWQgVLkjVj4JWXihOp2v3P1XPkQ==
Expires: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 24ms
5ms Script
application/javascript 13.33.33.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-50.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 18:04:26 GMT
content-encoding: gzip
via: 1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 80122
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Ktuk8UiM7mDzVfPuC9TVdpGyuPhl-nOUdyUWupUyCq7yzq1CZNjsvA==

GET
H2 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/ 457 KB
136 KB 14ms
13ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c86e1d9883034854b853ecd83002ef72ed99aaae3cef4fe1d982219f4e54128

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 177089
x-guploader-uploadid: ADPycdthSzdjWc04X3KL_4OQE-fkZTw83JBYDqndlzun04C0Uy6TD8xqOO4HteyFOBHl7CSBwqxM1-7zIBkSBvhYDF0QgJq5d267
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 21 Jul 2023 15:35:28 GMT
server: cloudflare
etag: W/"438b9469b07dc09e3ad809be83e97953"
vary: Accept-Encoding
x-goog-generation: 1689953728574994
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=2fX9lw==, md5=Q4uUabB9wJ462Am+g+l5Uw==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 468162
cf-ray: 7eeeecd68ed306ab-SIN
expires: Sun, 30 Jul 2023 17:19:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
213 B 5ms
4ms XHR
text/plain 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=202702659&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&ul=en-us&de=UTF-8&dt=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1963631783&gjid=1779521829&cid=173679715.1690733986&tid=UA-91740-1&_gid=670173655.1690733986&_r=1&gtm=457e37q0&jsscut=1&z=351012071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 5ms
4ms Ping
text/plain 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je37q0&_p=202702659&cid=173679715.1690733986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690733986&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&dt=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 malware-phishing-header.jpg
www.bleepstatic.com/content/hl-images/2021/04/16/ 277 KB
278 KB 12ms
11ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2021/04/16/malware-phishing-header.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b205c134248608e391ab07fe9a6ce37d25711a8dcae92da4f7b9e7f6fd6f5212

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41882
cf-polished: qual=85, origFmt=jpeg, origSize=673810
content-disposition: inline; filename="malware-phishing-header.webp"
content-length: 283892
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Apr 2021 22:12:43 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cant1qHzPrnMXQxXHsWpzXe0KNzGRznqFofAFfTIBScVhHqCI9unyEwItVJTkDSiliC9EMG8skZJ4rWgK1vCLa40j0okRLCnFHOCWOtvsuV1F%2B6NSYJQHtZZLCiPjt3YUL1mPd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd6dc6748fa-SIN
expires: Tue, 29 Aug 2023 04:41:44 GMT

GET
H2 200 table(4).jpg
www.bleepstatic.com/images/news/u/1220909/Tables/ 52 KB
53 KB 978ms
977ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/Tables/table(4).jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b9963c6af4873cbc8ed3081beac5e446b138c3b270fbb3d9bf55dc6a8b51ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jan 2022 09:16:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTuoQLaNsDQ4763yB%2FaXOjBw0fWRmngwY2T91l3tLfLo5j8tiYjkz7M49oD%2FikC%2BivNC1oxcVkSqXA9Z13DHyTKu%2FTdZrIKBs%2FC3T6PlHjcGoLkiy4ympZeaKBtjL1n7H8h1b20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd6dc6848fa-SIN
content-length: 53735
expires: Tue, 29 Aug 2023 16:19:46 GMT

GET
H2 200 permissions.jpg
www.bleepstatic.com/images/news/u/1220909/Phishing/ 68 KB
68 KB 983ms
982ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/Phishing/permissions.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7809c7a53d29fa4632862c034f7bb6bfee7eef6f3207404c8f168170780c66

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jan 2022 09:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnIOSez6LeJtKQmyVui4dFgTfQnRAaN6Ok8NVj2QnOEYCe66GaJdU5MngnCsEryYQIeMA1bWnnuGh2d99esZNkiVNaVfnyJ9UFoQYbbBiCU79pduDAeZjlhvvAeKwPspXl2AsPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd6dc6948fa-SIN
content-length: 69776
expires: Tue, 29 Aug 2023 16:19:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 44ms
27ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9327d98c330e29ec866eba20bed03812f67dacd2bdcb05d77d34559d9926dc7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50707
x-xss-protection: 0
server: cafe
etag: 17162863748641547108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 mwise-join-forces.jpg
www.bleepstatic.com/comp/m/ 19 KB
19 KB 9ms
9ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/comp/m/mwise-join-forces.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 655bf6433ca47c0e0deaf1ee741999d198ef0cd98601974ebf72f1fbf596eb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144944
cf-polished: qual=85, origFmt=jpeg, origSize=138936
content-disposition: inline; filename="mwise-join-forces.webp"
content-length: 19176
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Jun 2023 01:22:33 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppbl%2F%2FlbTDdD0%2B%2B3%2Bmq1hh3ewpajqYLiIvdAixoTziWCg6q69X%2FxRs6kUX0wg5LM6MzyKFTNHmva4N5lBdQe3Ktiq9HB28frx7%2BJp6zis1VuGjxdUWFJDJJOandujlV16spVtgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd6dc6a48fa-SIN
expires: Mon, 28 Aug 2023 00:04:01 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
636 B 14ms
14ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252358
cf-polished: origFmt=png, origSize=475
content-disposition: inline; filename="twitter.webp"
content-length: 282
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA8oxZl13LSc0et%2FHUa4OhNAWWgzSoJE5q13sWyw%2Fh4PP7TJvQDptvx3OprFPwDGNqNAVQPUuu67bdatczVkQ6GLJ69Avid3lAgDztG3egUdH0U7ut2wXlylcZTqsnqS%2Fq7Jyjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd6ec6b48fa-SIN
expires: Sat, 26 Aug 2023 18:13:47 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/bootstrap/js/ 50 KB
13 KB 15ms
14ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1631
cf-polished: origSize=75484
cf-bgj: minify
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
server: cloudflare
etag: W/"984724076"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2aEYciTeGD69EFvBQvMrCDwY8dYrgNLpCir7DuVYkaqTn8EWWfm27L8YTS8TsTgSnFe0UqvBbaBexTsR5Xyy7I7PRTTNVBnouwGFmsVHBNQS%2BgtzCSEhn%2B%2BDnLpHG7Ms%2Fm%2BWFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd6ec6d48fa-SIN
expires: Tue, 14 Mar 2023 05:07:29 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 15ms
15ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1635
etag: W/"753357888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=045Ordx6l11ucRBDqVqz7tJtMRdMTY%2B4brbArV9mnRRReMPrK%2FBWeU0%2BpbNJ3K5fdWJ1WOF%2F8RmMXE4%2FNamoBPUMbihw%2FzfSuYmYzEd7tzTx4IBUdJ39Y7j9BZ98z6ZgiLzOO0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd6ec6c48fa-SIN
expires: Tue, 14 Mar 2023 05:31:19 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
1 KB 14ms
13ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1631
cf-polished: origSize=3600
cf-bgj: minify
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTpANmlxUAeKC%2FklRs9b0VqIv1NXYbVzdTtbve8dupp2e66qJa6r7X6%2BshGNz6ic5ixCHmlHF7%2FV67MkA7Lxo4V9hPf15uM9gSFysagP9BqM5UDGkurlpf%2BI%2FRWDiz9mJQGem8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd6ec6e48fa-SIN
expires: Tue, 14 Mar 2023 06:05:48 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
10 KB 15ms
14ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564
cf-polished: origSize=48706
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OakDuIsFL6h73xNDb86LJ7aHnEJR8T2ekkEk0wyMaW3Fyj8RP9%2ByK%2Bs3O0xXXEZmjLHfoB7QC%2BY%2FKNmk6DXo3o4IOKRl5ilXdEkYA3BKxbUC%2BKwQ6uKvxl%2B90hbTlQWvaWJy%2FIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd6ec7348fa-SIN
expires: Tue, 14 Mar 2023 04:02:44 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 14ms
14ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 522
etag: W/"1740214911"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1nfjk3m7MjLMLaXgkoysyU9HaCPzdLTTce26fNOhxLuNxUiffRQtmtwqoJsb0r0GihW%2FULTeIa0WbjI%2Fbyl8520AHuF3bSgA0oWWs7ABoUyNq3OgT1%2BZxQqtJaKrKlt5IqRlKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd6ec7148fa-SIN
expires: Thu, 05 Jan 2023 08:20:37 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 56 B
362 B 254ms
43ms Script
text/javascript 184.51.136.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.136.126 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-136-126.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 16:19:46 GMT
server: Oracle API Gateway
opc-request-id: /031FCA72BE51C2A205D1785BDA3BBE71/8245B3B9D820C992BAD02684DB78E08D
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s9.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
507 B 9ms
7ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 866142
cf-polished: origFmt=png, origSize=129
content-disposition: inline; filename="calendar.webp"
content-length: 86
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1Kg9YSKYgiRFPxswOCKrRSLt7eEsBSiSaEOwp3M8KemIGi4vE2MjfPzVHum0oOMY2LIiqeQp7hcPoaLdY%2BZK87W8Jv04q%2BRoIzmMODmJT1IH2c830GX9oR4N%2Bc%2F7Xh7vBd7St8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce448fa-SIN
expires: Sat, 19 Aug 2023 15:44:04 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
728 B 13ms
11ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341716
cf-polished: origFmt=png, origSize=1316
content-disposition: inline; filename="clock.webp"
content-length: 252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zv9bcj6t6oJhIAul%2BsRlzNnE8npwN6sXa8viYgJJUQk3GhYeJ5ktQc2e1kOEY1DsU%2BgRo%2BYOq232At599fGfvFe%2F2o1Y32Oh6LtPCzu4wWhvhODuWkSatY42OAImHUyKJyT5L0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce548fa-SIN
expires: Fri, 25 Aug 2023 17:24:30 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 94 B
485 B 11ms
9ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251131
cf-polished: origFmt=png, origSize=1034
content-disposition: inline; filename="comment-light.webp"
content-length: 94
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoYitC7PIJ%2BqPiT%2B3INqrySoOfvBXIA%2FDaV1h%2F%2FyfH0uDqec5DR3T%2BP1EWYgVd4tFLztHmhFulBM2iKOCQLnaRRSCQjQNau9L%2B%2BXWImM6yRygN9FHh10KqAVlZNlWaA1YPwAz%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce648fa-SIN
expires: Sat, 26 Aug 2023 18:34:15 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
640 B 11ms
10ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224047
cf-polished: origFmt=png, origSize=618
content-disposition: inline; filename="32x32-printer.webp"
content-length: 256
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ha%2FOFTMHC68MI7qG%2BcUM%2FD8ry2kr7%2Bzw1tK3Zpv3vv42SuC8nPhfdqvYTDgWpCe0pVghgoamyqIp8snu1VyHWizmQ6aYFc4sppr8dvsAx35EczVpDcw3hn8ABb%2FmXLekJMT8cE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce748fa-SIN
expires: Sun, 27 Aug 2023 02:05:38 GMT

GET
H2 200 42758747b8592c683aa2b2162019ddfa.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 13ms
12ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/42758747b8592c683aa2b2162019ddfa.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248152
cf-polished: qual=85, origFmt=jpeg, origSize=12322
content-disposition: inline; filename="42758747b8592c683aa2b2162019ddfa.webp"
content-length: 7248
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Sep 2021 21:25:46 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZiFgRPteID2w0zbtry2cugBWtdqWeZIsRMS9xX6zb%2BHBpxNGoiuZNZxB%2BS2cv0hRzBAmMWKExXxWOYQH4lTHR9%2BSPfWt31kHjpzxFURoN7DHUedj0E3bmFou61dg6c96Q5Qavo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce848fa-SIN
expires: Sat, 26 Aug 2023 19:23:54 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
392 B 12ms
11ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341202
cf-polished: origFmt=png, origSize=72
content-disposition: inline; filename="h4-bg.webp"
content-length: 38
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i8VAgJn6gB7zBBFaJ%2BqKDEw1cCKWOtLTyMpUgFqyKcHqODh7Wxu1kGh2cnEMSt9ySmKt7zPuj4zr7LDF5ea0s1IrqwbRv%2BP8zqUUNaP3HabG%2F9jlFskx99iEBmr%2B4fOisDhpw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd73ce948fa-SIN
expires: Fri, 25 Aug 2023 17:33:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 11ms
11ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 23:01:00 GMT
x-content-type-options: nosniff
age: 321526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 23:01:00 GMT

GET
H2

200

sync Show response
capi.connatix.com/core/ Frame ED30
Redirect Chain

https://capi.connatix.com/core/sync?v=304133
https://capi.connatix.com/core/sync?v=304133&final=true

5 KB
2 KB

223ms
222ms

XHR
application/json

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?v=304133&final=true
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f7043abd5d0655b75f2cee7df064cdb94d138e77130dce29e5b40ff0ca6bd8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecd998a5a077-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?v=304133&final=true
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecd7ae46a077-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/304133/ 117 KB
18 KB 16ms
16ms Stylesheet
text/css 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/304133/connatix.playspace.css
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd67165c97bbda88c4fbcd3bef3e8b44e0f9637ac01236dcff81f9ffd4d0947

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
x-amz-version-id: GNJ4wzwmVj6pXlQ.bcTcvZ0rDdVVR5KK
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Jul 2023 13:42:49 GMT
server: cloudflare
etag: W/"f87690853caae0bfa978f2b4d48b0412"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7eeeecd79e31a077-SIN
access-control-allow-headers: range
expires: Mon, 29 Jul 2024 16:19:46 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are...

0
225 B

159ms
159ms

Image
text/plain

13.33.33.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&c8=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&c9=
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 13.33.33.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-50.sin2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SIN2-P1
x-amz-cf-id: gG6SsbZcWqp7nS4oHMHw-yaI6TKiv8gzFMYzKqfNaoZetobZD0YnMg==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690733986551&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&c8=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&c9=
content-length: 0
x-amz-cf-id: T-PBBba6Znz0_9XmKgUEQsOCJQKWldPFxcD0IKqXzEyckwDbFv_11Q==

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 70ms
54ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=www.bleepingcomputer.com&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 30 Jul 2023 16:19:46 GMT
expires: 0
fs-client-rtt: 4
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 1 KB
1 KB 12ms
4ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=www.bleepingcomputer.com&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

dacc6dc0ed976af7029618c11d31a693e7c6a0dc86c314a701378dd1c7664fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sun, 30 Jul 2023 16:17:45 GMT
fs-client-rtt: 3
age: 121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 87 KB
19 KB 33ms
12ms Script
text/javascript 2606:4700::6812:4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b958877ae606a257a4f988bcec5e12dce02ca7fbfe496dcf6a2501335de5f1c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Jul 2023 14:16:05 GMT
server: cloudflare
x-amz-request-id: Z8W38YXGQG6V27GN
age: 410
etag: W/"dafa015790c941ec8b949a01d97a5a65"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7eeeecd85c0487e4-SIN
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0jym8vBDr3UwzYvKDND1btspyo+1Hi/0rIfpbp04PJY90xdpftFn8rN6F/Qlywrru8tWjhYU7JI=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 45ms
27ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d47e88b3328b219484f0fffb0368c84d0e6b9f1bec2b4a8f1e07fbbe0431481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27969
x-xss-protection: 0
server: cafe
etag: 7 / 19568 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

486 KB
84 KB

40ms
19ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad79215aa954aaab77412ec7592d8cd223a7ed6f6b2c1ba5cb1f0ab60468359

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Jul 2023 15:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2035
etag: W/"ec491f22118588ceec7b69da763328b6"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoUD9zXKpRGKJkz14oAMNRPtDVn0VdiciiNt2soZl4MQ6oqRunwkeRgrMWLunIs%2BuZyVQiLVfa5We%2F4C%2BF%2FyNF%2B7u6OlG6jLH7WqAekvil%2BRUTcJdv1AiQvmFQCIbUfk3nob9o6habwJqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7eeeecd8ed389f91-SIN

Redirect headers

date: Sun, 30 Jul 2023 16:19:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUbaM4mRfxLMej5jRxznRl5ZkwkmC9tG2D%2B1MKhPZIGPPkOzDGYD7mrup0cePGLA2aJYeKr%2BX5BNO%2FcOReuIViHn%2FyffxAfN88bicjyGBDSjfO7oCI8kqNlhdjOROXCSAuBduNAJZlqh7VumdLpaMnxOI3jd4Mno5K8OBg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 7eeeecd85ca24be6-SIN
expires: Sun, 30 Jul 2023 17:19:46 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 39ms
18ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&ref=&_it=freestar&partner_id=474
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 May 2023 16:51:11 GMT
server: cloudflare
x-amz-request-id: CYR3MH29WZT1YS7G
age: 4896
etag: W/"82b3b53182a6a8dbe6684806275e839a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7eeeecd86c5991b7-SIN
x-amz-id-2: pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=

GET
H2 200 prebid-analytics-7.48.3.js Show response
a.pub.network/core/ 598 KB
193 KB 14ms
14ms Script
text/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29c683753e467eae157a27cccc8b998913df80a8ecf690f2df7fde0aa6ec2d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4285
x-guploader-uploadid: ADPycdsG-rLbDeMhsvYcxNbIVqnf9mYGTjXy6l4BX-bi4eU8m-0_7r_1yFwVaHZqZDWg9xlKdnhNG_7yq1zDf7K-LnOBBcT3xZ8p
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 28 Jun 2023 23:15:18 GMT
server: cloudflare
etag: W/"b90ba5907ececb67a85d71916b141edd"
vary: Accept-Encoding
x-goog-generation: 1687994118560887
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=/atxpA==, md5=uQulkH7Oy2eoXXGRaxQe3Q==
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 612655
cf-ray: 7eeeecd858e406ab-SIN
expires: Mon, 31 Jul 2023 16:19:46 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 76 KB
33 KB 212ms
67ms Script
application/javascript 13.126.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.126.105.99 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-126-105-99.ap-south-1.compute.amazonaws.com
Software: nginx /
Resource Hash: df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:19:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 19:03:48 GMT
Server: nginx
ETag: W/"645bea94-1319b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

POST
H/1.1 200
OK collect
cdn.firstimpression.io/tracking/ 2 B
589 B 170ms
170ms Ping
text/plain 13.227.254.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/tracking/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-18.sin52.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Sun, 30 Jul 2023 16:19:46 GMT
Access-Control-Request-Method: *
Via: 1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
Access-Control-Allow-Methods: OPTIONS, GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
X-Cache: Miss from cloudfront
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2
X-Amz-Cf-Id: wSIlO2wYpXl4Ihg72YblLJfZqIcW3NuEFImtoMh5mv8nsa6SgWwyqw==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 28ms
28ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a6a3649c5c96eeee90394ea974268d88bb63064bfcac963a8e5895cc5b64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127279
x-xss-protection: 0
server: cafe
etag: 13960143895798463944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 7075 10 KB
5 KB 19ms
5ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 15592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:59:54 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 11:59:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 ucl Show response
capi.connatix.com/tr/ Frame ED30 0
58 B 203ms
203ms XHR
application/x-protobuf 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ucl?v=304133
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecd8bfa0a077-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

POST
H2 200 story Show response
capi.connatix.com/core/ Frame ED30 19 KB
5 KB 289ms
289ms XHR
application/x-protobuf 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=304133
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ad12e9444e1d8454f0dc35f8bbff3179e190c9f1890a0c13182b58c0081fe3

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecd8cfa7a077-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 47ms
4ms Image
image/gif 2600:9000:23d2:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_243003
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 21:08:22 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d5f29441dead372cd342d7cb881976ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 846685
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 9zzmHCFawaaVHtPr0QLllCKbXfvWZ7Ch6iqseIOCwD8Yjn6ZcuNs8w==

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 232ms
203ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 7eeeecd91f493d35-SIN
content-length: 0
content-type: application/json
date: Sun, 30 Jul 2023 16:19:46 GMT
debug: OPTIONS block
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 105 B
318 B 194ms
193ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&ref=&_it=freestar&partner_id=474
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdc5cfbe3bf445af1f4dac6519026b69a5d8b1de622cde01aa5ac629d42f114d

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7eeeecda58c63d35-SIN

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 01:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53415
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 29 Jul 2024 01:29:31 GMT

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 9ms
9ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589
cf-polished: origSize=4895
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FkXW00XbpNC8uKbVXuuaPJPvMq8PR8ZT2I9%2F%2BRfvrbkxEVZTet9ylqwS0zMF%2FJXg9j1yhT%2B2zxlq6a22H7pDWOdzkjvTl8IMbeS7enVJPiOYLKEpaA%2BzNjZwDjFyg374GlwdmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd8fe6d48fa-SIN
expires: Tue, 14 Mar 2023 08:01:23 GMT

GET
H2 200 fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 79 KB
18 KB 12ms
11ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:35:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1626
etag: W/"2038534161"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul%2FkWUv89F8YXzvug56BwHJ9sd485ZfvToUZEZh7Ne8KePpamkNsL%2BRDi7dsj%2F53KnDmef4qI5mcY0%2Bi7pBwQUALS%2BUqKKOGXxOi3VXEX5pEB6iDU9zVxHqfagbqwvwa2OIFFmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd8fe7048fa-SIN
expires: Tue, 20 Dec 2022 00:08:12 GMT

GET
H2 200 brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 18 KB
5 KB 11ms
10ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:34:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1626
etag: W/"2013745295"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w54UeJiHG%2BzjYu%2BpFYSKBQkIuxWcs2C3ZOwfDOrWHEOZ8NYsqFl3CmRG0u9LhUhffUldd1nFlsokAV%2F9CGb%2FVRjLUjQaholH6LJstMiXqxMPQpMUrB7olbR4PHx8qjUU1T1pUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd8fe7148fa-SIN
expires: Tue, 14 Mar 2023 05:35:34 GMT

GET
H2 200 solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 572 B
655 B 10ms
9ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:34:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1626
etag: W/"508050520"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTzKJ25qa%2B9tvebv5sbABDCUS9Wf%2FvyEkGmN4ktNNfjRgjYS2F%2BW3nsx%2Fk28w9ignZMUOSAA0s1vFA9sNlhrSTNzN5c3shg3KpFlJ4PzWsN9S41pOx7xIid3lsloYHIcMF6uV44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 7eeeecd8fe7248fa-SIN
expires: Tue, 14 Mar 2023 05:07:29 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 251 KB
77 KB 17ms
17ms Script
application/javascript 2606:4700::6812:4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 13:26:13 GMT
server: cloudflare
x-amz-request-id: 82NV1MK4152EPNRK
age: 947543
etag: W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7eeeecd91dae87e4-SIN
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a73ncBzX+VUtAjnq4yUAibSAdQl28Q93Wsv372Y+jpCufD5YgRO/Wc0lwwta8r9ezjGxHxfVQ/0=

GET
H2 200 292x176_Twitter_X.jpg
www.bleepstatic.com/content/hl-images/2023/07/28/thumb/ 8 KB
8 KB 9ms
8ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2023/07/28/thumb/292x176_Twitter_X.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bde46cab28e6cd4e008fe2f84ad39eb82aeb5b18d8234bd2aab288a4ca8717

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94059
cf-polished: degrade=85, origSize=41725, status=webp_bigger
content-length: 7730
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 16:04:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caHzJ76Jc%2B%2F6kXxekTtBlSfSKqtqgQjQFVxqOe4UL%2F%2FPfPHDnXns2LvH5jtCmwGjNwO%2BoWllgOWnHaedhI4f6zu4I3ztEmF%2FWG%2B3zAZg0onmL2c31Ow3vhuM0HfyVW4rN87le7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd91ebe48fa-SIN
expires: Mon, 28 Aug 2023 14:12:07 GMT

GET
H2 200 292x176_Twitter-X.jpg
www.bleepstatic.com/content/hl-images/2023/07/28/thumb/ 8 KB
8 KB 10ms
10ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2023/07/28/thumb/292x176_Twitter-X.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009d1a6698693ef8a0b11179fc2d9918ceb10f07728b9805cb1c7edd0ae9a3ff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130755
cf-polished: degrade=85, origSize=41796, status=webp_bigger
content-length: 7744
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 16:03:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnFTv5ysusrzVbJhrqmBKDNRam4mhN7mPCels%2BtkwoyHEMX8TGJXKClZlE%2FszsFei3CIRoS6iEnIz8xl62jF9bB9IB6zFSabD5GCL2cM3hkruBaS6VqHU9Fzdr4ePUq49Q%2FRdfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeeecd91ec348fa-SIN
expires: Mon, 28 Aug 2023 04:00:31 GMT

GET
H2 200 fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 147 KB
147 KB 32ms
16ms Font
application/octet-stream 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Origin: https://www.bleepingcomputer.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:33:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5325
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skeM4B8Ci0jHM5%2Bc6Xmp7lySlqIOnFhZbIm5a9YzDkMM4tvVkdrGbzJVVd4SVtYSHDemckv2yxIt5z3zaZW2Br9geAoRgd8%2FDWzZKi9HdbX3xp6iDtatSxaj6c8saiTQj%2BF2Pis%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7eeeecd94e244008-SIN
content-length: 150472

GET
H2 200 fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 105 KB
106 KB 24ms
12ms Font
application/octet-stream 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Origin: https://www.bleepingcomputer.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDRDCNgOsudtLmopxR4jBmZCTI5yqNJrCQCN8kJNqTdbv124FC5TvLf5Zh171FchaFe4%2FXNUH16FKajGDXS2ZhY3OGoN12u%2FTIsUQTarROcNkzYYwNxerCBs8I2XPZL2xotkd5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7eeeecd94e264008-SIN
content-length: 107460

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 18ms
8ms Script
text/javascript 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bleepingcomputer.com&callback=_gfp_s_&client=ca-pub-0920899300397823

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92dad1d64aeb8e560f94f3183af2ea57a6862fb3a89a0c14a7f5a109211135f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D30D 164 KB
35 KB 308ms
307ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d1eb4400ae415a6a8109d9a1825ba8a2dbed2b5205dc64cd4c5e41b437b0b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35800
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 16:19:47 GMT
expires: Sun, 30 Jul 2023 16:19:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D509 0
0 514ms
514ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1643380172&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986697&bpp=2&bdt=584&idt=138&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=8625009206862&frm=20&pv=1&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51148
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 16:19:47 GMT
expires: Sun, 30 Jul 2023 16:19:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 5ms
5ms Image
image/gif 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
102 B 228ms
210ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
937 B 31ms
11ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589062
x-guploader-uploadid: ADPycduiuYtCkJ4zI0ldwbbspIc7l304iekIdyxGz1XKO4uoZHMDMejZ1SjNzJHqXR9QmciolugkbczpQdWKnEZSXyNePw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfnGna%2B8OcfqmN32JiOMKqyhgc66GP11BZRkg%2BDzFbYCrPff6v4qgumwkrmbeMtlFUWWxC2MP%2FiICB56Z3FEVG6CS%2BxCFH7t5jhdjU0n%2FwdnctK7Imjq%2F4Ak3%2Bec1yPOT8%2B0UfzG2HyW63mcKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7eeeecda094440f0-SIN
expires: Sun, 23 Jul 2023 21:32:40 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 33ms
13ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2550755016275501
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589062
x-guploader-uploadid: ADPycduiuYtCkJ4zI0ldwbbspIc7l304iekIdyxGz1XKO4uoZHMDMejZ1SjNzJHqXR9QmciolugkbczpQdWKnEZSXyNePw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjeyFvqfdgKZKhfc3tnYiZd5bHLM%2F4G0zohVIPgqgwiR5gEltHz%2FxMQd8ZqgjsvWftUgbmvtQN1SSgoKakCohQ9TKXTa1T1QiyQqJdOsD8ECwV5aO5b4%2BHxs6LIKQg5lsMaeOLNXdl419KnldA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7eeeecda094740f0-SIN
expires: Sun, 23 Jul 2023 21:32:40 GMT

OPTIONS
H2 200 floors
api.floors.dev/sgw/v1/ Frame 0
0 70ms
51ms Preflight 34.160.128.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
cache-status: uncacheable
content-length: 0
date: Sun, 30 Jul 2023 16:19:46 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

POST
H3 200 floors Show response
api.floors.dev/sgw/v1/ 5 KB
5 KB 68ms
59ms Fetch
application/json 34.160.128.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Resource Hash

7db69c15e62e0b8f7e6fcf8afcb263abe172b860c77b5a0d2b610c52ee33f3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
cache-status: uncacheable
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 31 B
445 B 249ms
124ms Fetch
application/json 13.126.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.126.105.99 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-105-99.ap-south-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2fcf473614e83cd74823df3f13ca3edc1b156b81fcd4bdba076c5b6c3cacfc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 30 Jul 2023 16:19:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Forwarded-For, X-Requested-With, Content-Type
Content-Length: 31
X-XSS-Protection: 1; mode=block

GET
H2 200 insights.bin Show response
ins.connatix.com/5436555e227d2d5f31c69fd767a258eb/ Frame ED30 432 B
589 B 358ms
334ms XHR
application/x-protobuf 104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/5436555e227d2d5f31c69fd767a258eb/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 828f6683ae57e1eadb9427f2b4ca9496001268d6bbc6b440a09dc3b5b7cd06d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Jun 2023 18:46:33 GMT
server: cloudflare
etag: W/"05cb60f4597f6e54babb98a1dc6ffa59"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 7eeeecdade7b4062-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Jul 2024 16:19:47 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dIndex%26api-tier%3d2%26uid%3d&gdpr=0
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1
https://cks.connatix.com/cks?pid=17&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Index&api-tier=2&uid=ZMaNo6mDp5YM5xBfD.0b7QAA%265326

139 B
253 B

13ms
12ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=17&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Index&api-tier=2&uid=ZMaNo6mDp5YM5xBfD.0b7QAA%265326
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fb150dd9554a0a5a71f7fbcce19268751a1dda7583ea5cef3aec73ce333f6e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecde5cdb91bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jul 2023 16:19:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cks.connatix.com/cks?pid=17&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Index&api-tier=2&uid=ZMaNo6mDp5YM5xBfD.0b7QAA%265326
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

400
Bad Request

connatix
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid}&gdpr=0
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...

0
0

79ms
79ms

Script
text/plain

13.114.88.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

HTTP/1.1

Server

13.114.88.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-114-88-218.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 25
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1
Date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://cks.connatix.com/cks?pid=19&uid=d5241a23-0565-41d2-9b04-6de9303bf1c0&ttl=1693325987

146 B
159 B

25ms
13ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=d5241a23-0565-41d2-9b04-6de9303bf1c0&ttl=1693325987
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6b73f7a0310f0d051a95b34ccc27b15512d83a91a52d338532585647ba843d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb5b39a077-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=d5241a23-0565-41d2-9b04-6de9303bf1c0&ttl=1693325987
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 213

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dAmobee%26api-tier%3d2%26uid%3D%23USER_ID%23&gdpr=0
https://cks.connatix.com/cks?pid=21&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Amobee&api-tier=2&uid=8037134907376619512

129 B
278 B

18ms
17ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=21&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Amobee&api-tier=2&uid=8037134907376619512
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff536c1b8274ab0a76b2155ad1efa21b3b7228e5236abf627e9a1eafdda2460

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdcbaa691bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=21&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Amobee&api-tier=2&uid=8037134907376619512
pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dTripleLift%26api-tier%3d2%26uid%3d%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DTripleLift%26api-tier%3D2%26uid%...
https://cks.connatix.com/cks?pid=25&ev=4ff326573fb34c6ab66de0373c8f757f&pname=TripleLift&api-tier=2&uid=221901828531360008247

131 B
152 B

26ms
12ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=25&ev=4ff326573fb34c6ab66de0373c8f757f&pname=TripleLift&api-tier=2&uid=221901828531360008247
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ceb921d1124a40606d7948ebe14e39dab583ab3f6bda0ae6b4bc676cfab05ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb5b37a077-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=25&ev=4ff326573fb34c6ab66de0373c8f757f&pname=TripleLift&api-tier=2&uid=221901828531360008247
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d4ff326573fb34c6ab66de0373c8f757f%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=4ff326573fb34c6ab66de0373c8f757f&pname=AppNexus&api-tier=2&uid=5026211438562898588&gdpr=0

128 B
241 B

12ms
12ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=4ff326573fb34c6ab66de0373c8f757f&pname=AppNexus&api-tier=2&uid=5026211438562898588&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161876a679c0f34035fb5b31da1e784215bf6aa8602f6c9b7fcddd4763c2e96f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdf7e1891bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
an-x-request-uuid: 46705041-c9d8-41d6-98c7-a37cba183555
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cks.connatix.com/cks?pid=6&ev=4ff326573fb34c6ab66de0373c8f757f&pname=AppNexus&api-tier=2&uid=5026211438562898588&gdpr=0
x-proxy-origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame D778
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0

0
0

145ms
39ms

Document
text/html

184.51.138.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.138.68 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-138-68.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jul 2023 16:19:47 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 30 Jul 2023 16:19:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
server: AkamaiGHost

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame ED30 7 KB
3 KB 154ms
35ms Script
application/javascript 23.35.184.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.184.203 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-184-203.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=56820
accept-ranges: bytes
content-length: 2358
expires: Mon, 31 Jul 2023 08:06:47 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dPulsePoint%26api-tier%3d2%26uid%3d%...
https://cks.connatix.com/cks?pid=13&ev=4ff326573fb34c6ab66de0373c8f757f&pname=PulsePoint&api-tier=2&uid=VUmNLk5FobM0

122 B
239 B

20ms
19ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=13&ev=4ff326573fb34c6ab66de0373c8f757f&pname=PulsePoint&api-tier=2&uid=VUmNLk5FobM0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d882fdb18732487822da73ec6b6db7ae85bfc5f03bfb5c8726485f0b42b871

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecde9d1e91bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: zh-SG
location: https://cks.connatix.com/cks?pid=13&ev=4ff326573fb34c6ab66de0373c8f757f&pname=PulsePoint&api-tier=2&uid=VUmNLk5FobM0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b7c77bbd5-kt9mm
expires: -1

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCrimtan%26api-tier%3d2%26uid%3d%5Buser_id%5D&gdpr=0
https://cks.connatix.com/cks?pid=28&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Crimtan&api-tier=2&uid=137a6b61b9c64406ae828b43dfd926b4

142 B
156 B

18ms
17ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Crimtan&api-tier=2&uid=137a6b61b9c64406ae828b43dfd926b4
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af8c24ff69716670bf4951455fbbd471afdb4991ec1006db40baec14b75b4519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb7b77a077-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cks.connatix.com/cks?pid=28&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Crimtan&api-tier=2&uid=137a6b61b9c64406ae828b43dfd926b4
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dLoopMe%26api-tier%3d2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
https://cks.connatix.com/cks?pid=18&ev=4ff326573fb34c6ab66de0373c8f757f&pname=LoopMe&api-tier=2&uid=26c44ff8-0e87-4016-bb9e-71398e1d4f66&pubid=11186&gdpr=0

146 B
255 B

16ms
16ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=18&ev=4ff326573fb34c6ab66de0373c8f757f&pname=LoopMe&api-tier=2&uid=26c44ff8-0e87-4016-bb9e-71398e1d4f66&pubid=11186&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c7cd257728d984855d19cc6cb97fe579297d69279a26a47bb925bda39ccaf7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecde5ce091bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=18&ev=4ff326573fb34c6ab66de0373c8f757f&pname=LoopMe&api-tier=2&uid=26c44ff8-0e87-4016-bb9e-71398e1d4f66&pubid=11186&gdpr=0
date: Sun, 30 Jul 2023 16:19:47 GMT
server: _
content-length: 0

GET
H2

200

1000.gif Show response
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=4ff326573fb34c6ab66de0373c8f757f&gdpr=0
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCKObmqYGEgUI6AcQAEIASiA0ZmYzMjY1NzNmYjM0YzZhYjY2ZGUwMzczYzhmNzU3Zg

42 B
302 B

210ms
209ms

Script
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCKObmqYGEgUI6AcQAEIASiA0ZmYzMjY1NzNmYjM0YzZhYjY2ZGUwMzczYzhmNzU3Zg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCKObmqYGEgUI6AcQAEIASiA0ZmYzMjY1NzNmYjM0YzZhYjY2ZGUwMzczYzhmNzU3Zg
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId}&...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dCentro%26api-tier%3d2%26uid%3...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4ff3265...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4...
https://cks.connatix.com/cks?pid=9&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Centro&api-tier=2&uid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0

159 B
265 B

13ms
12ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=9&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Centro&api-tier=2&uid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660d3e1be24409f7855bb0aeb45e690b920335e818d11ba766b7ea9aad90c0fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece08fba91bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://cks.connatix.com/cks?pid=9&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Centro&api-tier=2&uid=c10224d0-0905-403f-9654-b15272fd1899-64c68da3-5347&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://cks.connatix.com/cks?pid=10&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SpotX&api-tier=2&uid=e6d107c4-2ef4-11ee-be8a-195c47230407

146 B
255 B

15ms
14ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=10&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SpotX&api-tier=2&uid=e6d107c4-2ef4-11ee-be8a-195c47230407
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de01d6741e22757436c309ec8d3dfa960df905f8be9df91d731ef6f03c1480da

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecde5cd591bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Sun, 30 Jul 2023 16:19:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cks.connatix.com/cks?pid=10&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SpotX&api-tier=2&uid=e6d107c4-2ef4-11ee-be8a-195c47230407
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://connatix-supply-partners.tremorhub.com/sync?UISCX=4ff326573fb34c6ab66de0373c8f757f&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dTel...
https://cks.connatix.com/cks?pid=5&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Telaria&api-tier=2&uid=ea1a16710bb14344a58413ebc07a9f21

141 B
250 B

12ms
12ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=5&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Telaria&api-tier=2&uid=ea1a16710bb14344a58413ebc07a9f21
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f8508d8c5dca02ece74542e9b87777125ec67d86b00755eb3cb82caa7f1fd6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece06f9891bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=5&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Telaria&api-tier=2&uid=ea1a16710bb14344a58413ebc07a9f21
date: Sun, 30 Jul 2023 16:19:47 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=487429a916cbf691919fa35f7822a0&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

0
232 B

208ms
208ms

Script
application/json

104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=487429a916cbf691919fa35f7822a0&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece2dd336bd0-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jul 2023 16:19:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=487429a916cbf691919fa35f7822a0&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1690733988260099-48
Expires: Sun, 30 Jul 2023 16:19:48 GMT

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame D7D8 0
0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSundaySky%26api-tier%3d2%26uid%3d%24{ssky_uuid}&gdpr=0
https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dSundaySky%26api-tier%3d2%26uid%3d%24{ssky_uuid}&gdpr=0&_...
https://cks.connatix.com/cks?pid=1&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SundaySky&api-tier=2&uid=d6.50035bc9ba8a414880a36e89df97569a

144 B
253 B

14ms
14ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=1&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SundaySky&api-tier=2&uid=d6.50035bc9ba8a414880a36e89df97569a
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30f33681084b8df4a99ef0c43edf1d19ce6ae065555a5db06ee8318f3ee6f7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece43d0a91bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=1&ev=4ff326573fb34c6ab66de0373c8f757f&pname=SundaySky&api-tier=2&uid=d6.50035bc9ba8a414880a36e89df97569a
date: Sun, 30 Jul 2023 16:19:48 GMT
x-content-type-options: nosniff
content-length: 0
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dResetDigital%26api-tier%3d2%26uid%3D%24USER_I...
https://cks.connatix.com/cks?pid=35&ev=4ff326573fb34c6ab66de0373c8f757f&pname=ResetDigital&api-tier=2&uid=00000106DDD2C5A6

126 B
241 B

15ms
15ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=35&ev=4ff326573fb34c6ab66de0373c8f757f&pname=ResetDigital&api-tier=2&uid=00000106DDD2C5A6
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543c7f1ed770cc135998d9b50cb1cdb4ab060f288df5bb91be34f59232f56f6b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece2ab0491bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=35&ev=4ff326573fb34c6ab66de0373c8f757f&pname=ResetDigital&api-tier=2&uid=00000106DDD2C5A6
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
content-type: text/html

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3d4ff326573fb34c6ab66...
https://cks.connatix.com/cks?pid=29&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Adelphic&api-tier=2&uid=737de7c6-2c30-461a-92bd-08a91b540027

146 B
255 B

10ms
10ms

Script
application/javascript

104.18.0.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=29&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Adelphic&api-tier=2&uid=737de7c6-2c30-461a-92bd-08a91b540027
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.0.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bed23f3faed61d930d977c5a0924469af1f9cbf231c28ace7c032241d19e03d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece44d1c91bf-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cks.connatix.com/cks?pid=29&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Adelphic&api-tier=2&uid=737de7c6-2c30-461a-92bd-08a91b540027
Date: Sun, 30 Jul 2023 16:19:48 GMT
Connection: keep-alive
X-CI-RTID: b0f17915-7190-4d59-8418-124a5d3ee47c
Content-Length: 177
Content-Type: text/html; charset=utf-8

GET
H3

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=4ff326573fb34c6ab66de0373c8f757f&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pn...
https://cks.connatix.com/cks?pid=26&ev=4ff326573fb34c6ab66de0373c8f757f&pname=Synacor&api-tier=2&uid=GDPR&direct=1
https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=GDPR&UserId=&tier=2

0
232 B

199ms
199ms

Script
application/json

104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=GDPR&UserId=&tier=2
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeece29cb66bd0-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 30 Jul 2023 16:19:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://capi.connatix.com/core/us?DemandPartner=26&DemandPartnerUserId=GDPR&UserId=&tier=2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7eeeece28ad191bf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0

GET cm
us-u.openx.net/w/1.0/ Frame ED30 0
0

GET cksync
cs.media.net/ Frame ED30 0
0

GET

report
capi.connatix.com/us/google/ Frame ED30
Redirect Chain

https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NGZmMzI2NTczZmIzNGM2YWI2NmRlMDM3M2M4Zjc1N2Y&extra1=4ff326573fb34c6ab66de0373c8f757f&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
https://capi.connatix.com/us/google/report?extra1=4ff326573fb34c6ab66de0373c8f757f&gdpr=0

0
0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 29ms
5ms Script
application/javascript 52.84.228.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-19.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:06:12 GMT
content-encoding: gzip
via: 1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront), 1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN2-C1
age: 816
x-amz-server-side-encryption: AES256
etag: W/"93708b50a97059783aafdf3c6548167d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: nToWbv8SoLD2oh5ZK6Q3XS9x1fpX_87jfyyhAK3OQSczy4avTrIAdg==

GET
H2 200 IIQUniversalID.js Show response
a.pub.network/core/intentIQ/20230622/ 55 KB
13 KB 13ms
13ms Script
text/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 177090
x-guploader-uploadid: ADPycdtRm65Hs5nAsmqiosxRUdiQ4dLJRDnOflTWxHLrpYlW8cmQmFbjEy-X1OanbXFdFGyBwU0Qdft58petOnPyllg_Xw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 22 Jun 2023 23:15:14 GMT
server: cloudflare
etag: W/"c45a15a8a50c2a275e14695cf631d08d"
vary: Accept-Encoding
x-goog-hash: crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation: 1687475714790007
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 56442
cf-ray: 7eeeecdb3c1406ab-SIN
expires: Sun, 30 Jul 2023 17:19:47 GMT

POST
H3 200 84d049f10cebd9dad848c6b8c87d6610444421961df09da Show response
functionalfeather.com/create/42dc2f8/ 202 B
229 B 78ms
70ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/create/42dc2f8/84d049f10cebd9dad848c6b8c87d6610444421961df09da

Requested by

Host: functionalfeather.com
URL: https://functionalfeather.com/scripts/029ae298256b2ed8ae3a727d89d869756f97e3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

7f113bab07d6be0b1142e6e1554ca606872ec7ac2fe450da7209eba178cbd3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
x-buildnumber: 946550297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
x-hostname: fen-hoothoot-asia-east1-spot-shtg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sun, 30 Jul 2023 16:19:46 GMT

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 92 B
933 B 259ms
231ms XHR
text/html 18.155.68.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=313_1690733987092&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=www.bleepingcomputer.com&japbjs=true&japs=false
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-40.sin52.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: a58f15789e19bd759c2869912cf304895a6efebb6545285f39be7282efd8f943

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: Apache-Coyote/1.1
vary: Origin
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 3600
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: qrTfyNLRbqElMQSsj81Nhzeclp721BmrfCGqVMae6u8TevfVBsiaeQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrnd...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrn...

43 B
962 B

290ms
233ms

Image
image/gif

18.155.68.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrnd=342_1690733987093&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=v2NtfahRZN&nc=false&trid=325468713
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 18.155.68.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-39.sin52.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
via: 1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: XowTP7CX_m3c1rWkbPEZ5XZGeA7m9GmxmrnTC4DPQ_qKhuKUNek54Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=7018&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&iiqpciddate=1690733987092&tsrnd=342_1690733987093&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=v2NtfahRZN&nc=false&trid=325468713
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: rKZYqDey9qE_dSpbj8sjFfG7XaUiIMVOrjqMgkFAV-W1jO7OnCTSwg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
142 B 213ms
211ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
67 B 211ms
210ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=FMlkc31G&w=5733492711227392&o=5714937848528896&cv=2.1.16-1-g6ebe2ee&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&sid=B2R6tFMM&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H3 200 us Show response
capi.connatix.com/core/ Frame ED30 0
331 B 220ms
211ms XHR
application/x-protobuf 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?v=304133&tier=2
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb7af044c6-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

POST
H3 200 us Show response
capi.connatix.com/core/ Frame ED30 0
295 B 219ms
210ms XHR
application/x-protobuf 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?v=304133&tier=2
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb7af444c6-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 1d729dcfac295022447460b8819476ab.js Show response
www.gstatic.com/mysidia/ Frame D30D 9 KB
4 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d729dcfac295022447460b8819476ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3961
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 10:00:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D30D 2 KB
973 B 19ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 05:06:14 GMT

GET
H2 200 ab8e0717c0824dec3358cc582de4ac32.js Show response
www.gstatic.com/mysidia/ Frame D30D 22 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab8e0717c0824dec3358cc582de4ac32.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f20f13c3144f5850d1d3d75d6d6a2b69e4f6a76429f483a883b2aef39b94ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 22:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9293
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 22:13:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame D30D 23 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 23:03:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D30D 3 KB
1 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:10:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D30D 20 KB
9 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 23:03:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D30D 179 KB
57 KB 18ms
6ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 16:19:47 GMT

POST
H3 200 us Show response
capi.connatix.com/core/ Frame ED30 0
295 B 208ms
208ms XHR
application/x-protobuf 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?v=304133&tier=2
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7eeeecdb9b1844c6-SIN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 17413942535891055416
tpc.googlesyndication.com/daca_images/simgad/ Frame D30D 164 KB
165 KB 9ms
5ms Image
image/png 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17413942535891055416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bb14fae326fed8f0aebe53d99225c2287e93c5c5cd4a55296f16d308978c94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 00:14:19 GMT
x-content-type-options: nosniff
age: 230728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168147
x-xss-protection: 0
last-modified: Thu, 28 Apr 2016 01:30:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 00:14:19 GMT

GET
H2 200 14805325514948094214
tpc.googlesyndication.com/daca_images/simgad/ Frame D30D 243 KB
243 KB 38ms
34ms Image
image/png 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14805325514948094214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ede974aebea1c32adc57a63ab94c7c89eb4d0892f80348ae5711fd0e17d6834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248984
x-xss-protection: 0
last-modified: Thu, 05 May 2016 08:47:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jul 2024 16:19:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3592668941511088543/ Frame D30D 98 KB
98 KB 18ms
14ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3592668941511088543/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b385787b37a7fce8999253a0dd0ae5af794c5fd3e788c758bba6123133d10bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 10:52:37 GMT
x-content-type-options: nosniff
age: 106030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100244
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 15:42:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 10:52:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12025750470379818210/ Frame D30D 135 KB
135 KB 24ms
20ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12025750470379818210/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f3506ee3b0f5e93abcf51eea6f7b160891e0cf8f09dd3bd8d5a23dbc579c86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:25:39 GMT
x-content-type-options: nosniff
age: 125648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138103
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 20:13:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 05:25:39 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2582969081766889212/ Frame D30D 35 KB
35 KB 21ms
19ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2582969081766889212/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

876efc8b7034582a6ba2de7a442982edb680a65c13fae1e6ab8169d2f0c9b591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:28:19 GMT
x-content-type-options: nosniff
age: 237088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35532
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 09:53:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 22:28:19 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15454726260519237468/ Frame D30D 80 KB
81 KB 20ms
18ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15454726260519237468/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2676ee15567b3ebc03428221c939b6df0a36ebc346ecea8ad7b91638e4212050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 18:40:14 GMT
x-content-type-options: nosniff
age: 77973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82382
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 14:44:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 18:40:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/804363756326766433/ Frame D30D 52 KB
52 KB 20ms
18ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/804363756326766433/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965505b2b0f6a195067c05b354312f23aeec44b140cea2df33c6763d92638e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:26:43 GMT
x-content-type-options: nosniff
age: 215584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53063
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:14:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 04:26:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3745495821291842056/ Frame D30D 58 KB
58 KB 23ms
21ms Image
image/jpeg 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3745495821291842056/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd1d8df140440c484121a3587bb59bd016a54e2a7d1798982a6f69a3bbd40f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:06:45 GMT
x-content-type-options: nosniff
age: 220382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59338
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 09:12:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 03:06:45 GMT

GET
DATA 200
OK truncated
/ Frame D30D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c505624298bf32f880b428c0ca9c20d669034026ffebb910e84158a8e48854d8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D30D 0
19 B 16ms
15ms Image
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1TG_oo3GZKfxMarmz7sPq76DkAGAkPO0cYHZn-unEbCQHxABIMeD_AEoCGC_BaABmOSvkgHIAQGpAosOvUfWMqk-qAMByAMCqgSxAk_QlkxX6t-pYX8SmjhR5edxW4_yuZuOmE7kfseJCMu-zZeWfkNLp6o62n7qM9wpd1GXHMWs6pDRa2nHbCN_vPp5yvMJqcqeAznOrywo5TP-4prvYdYORNHXkLghfKeT-I6bplWdqW8IksGNel97J90ZaEGbseWDSiCckMG9uTwgAfhq0AjeuAZRCCvqi0fixTUFu6-Wk8ow-Vv7wLKPxMj2OpIpK6mmChSt9wuauU3Or0goNthQ1up4Gb-jLN2rwcF1hr2KeX8EoJGj_Ua36w6nZOlOC6NqLDP1qdiG0nrtGvFqw9oZ0OuTGHnu_d_A-VnAWA2t6DDo-xlFWWpc96p_l66SXVSk3xcO3rbABeLMP5sWTBEd3kqQtFzjwg1NMEP_AYUa7jGuVc1lVIrJMToywATX0ZfdlwSSBQQIBBgBkgUECAUYBKAGZoAH0JvQ7QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCplgPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTCogUCdAVAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=bji424JAjB4&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&cbvp=2&vis=1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 16:19:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D30D 0
19 B 22ms
19ms Image
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL3CGoo3GZKfxMarmz7sPq76DkAHojufVba_c-pKcEMCNtwEQAiDHg_wBKAhgvwWgAbGD08kDyAEBqQJFYi3W3zaBPqgDAcgDAqoEoQJP0PsJ1fPGk1jMoYNXUeW-PVWG8qyCiZFK6HzajAnaqZHamnyU8KGVMd0ypzbcw6w6lQDFqOnZxGsxx2x6M7Lzed_qDqDOkgEky649P7l-8uDYrmrEChiNwZauJme6nq7JkqRdk75uVt7SmjIGbi3fHmEL2aj2lBVumpqD8bs8LBvjcNdWhKYbTU1094NV8o13C6-uitaGIflYpxdLj0VK9fNYm2-O5pbmRhbsd1KWFEWjuqE2u25Tj---oSyZGjdC9Ya9f498xGCRVgtFt-kMUpLqTguDv9ow9anYcyR57RrznTXZGdDrZu577_3eIR-kozh_mugw4U-6OllqTPeEZqDcqF1ujsg7DvaLN9gg4Bt214r2tv5wfUqtOWvw37FjwASJrLyzggSSBQQIBBgBkgUECAUYBKAGZoAHt_ysNqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMNiBQM0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=WIxzDMgzR6g&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&cbvp=2&vis=1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 16:19:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET adview
googleads.g.doubleclick.net/pagead/ Frame D30D 0
0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D30D 0
19 B 20ms
17ms Image
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXPsqoo3GZKfxMarmz7sPq76DkAHRzLb3caX9o-SwEeT3_NryPBAHIMeD_AEoCGC_BaAB8frflinIAQapAi4HoaulLZI-qAMByAMCqgSqAk_Qxg9M6tmpYX8SmjhR5edxW4_yuZuOmE7kfseJCMu-zZeWfkNLp6o62n7qM9wpd1GXHMWs6pDRa2nHbCN_vPp5yvMJqcqeAznOrywo5TP-4prvYdYORNHXkLghfKeT-I6bplWdqW8IksGNel97J90ZaEGbseWDSiCckMG9uTwgAfhq0AjeuAZRCCvqi0fixTUFu6-Wk8ow-Vv7wLKPxMj2MpKcLUr0jW1gDOZxWJAkRJO72DPCawCOob9WL5tewgWAhT1_en8xo5GW_kZC6g5SZem7CIOfLxMAqthz0XoYGfOfwNjs0-tmG3gb_t8g_6P0v1UQ96aiLTTDEuRlMkyKT1_Iz-l6WiqcaoMX-odh8L4zRscU9VJ9RruGb8idHG3nvn6H06M4jeTABO6QzZGqBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfxsrD2A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=6CJJap-znpg&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1643380172&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690733986654&bpp=4&bdt=542&idt=132&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&correlator=8625009206862&frm=20&pv=2&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076341%2C31076409%2C31076446%2C44788441&oid=2&pvsid=355641462112437&tmod=463756917&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=q2vpWhOSf3&p=https%3A//www.bleepingcomputer.com&dtd=147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 16:19:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET adview
googleads.g.doubleclick.net/pagead/ Frame D30D 0
0

POST ucl
capi.connatix.com/tr/ Frame ED30 0
0

GET ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame ED30 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
27 KB 15ms
14ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/304133/connatix.playspace.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da8a96c3f33e2470eaa2111b3674d32e74aededbacbd9ec926f80828688e6287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28082
x-xss-protection: 0
server: cafe
etag: 747 / 19568 / 31076567 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 16:19:47 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame ED30 0
0

GET 4de7bdef-fbe5-4f0a-a010-003ac2d680f5.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame ED30 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6293 0
0 35ms
34ms Document
text/html 23.35.184.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D4ff326573fb34c6ab66de0373c8f757f%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.184.203 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-184-203.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=62634
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Sun, 30 Jul 2023 16:19:47 GMT
expires: Mon, 31 Jul 2023 09:43:41 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 190ms
189ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 7eeeecddbcfc3d35-SIN
content-length: 0
content-type: application/json
date: Sun, 30 Jul 2023 16:19:47 GMT
debug: rtd-nx-sv
server: cloudflare

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 184ms
184ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 7eeeecddcd043d35-SIN
content-length: 0
content-type: application/json
date: Sun, 30 Jul 2023 16:19:47 GMT
debug: rtd-nx-sv
server: cloudflare

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 105ms
34ms Preflight
application/json 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 30 Jul 2023 16:19:47 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 247164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 28ms
4ms Script
application/javascript 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 06 Aug 2023 16:19:47 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 608 KB
162 KB 151ms
57ms Script
application/x-javascript 23.35.185.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.185.56 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-185-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 07fe03950dbe28bf4f530574f1200db6a228e4ebba2861e349262c9c0fc5f3d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:19:47 GMT
Content-Encoding: gzip
x-amz-request-id: TY89BBPSF1VBKKY1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: MOD+/B9NYBdvv3fevVBaRu66t8SdMjmJWFzZrpV1uwuaGhOk9SZZuYMyhd+/2elDX9raJ9x/pKA=
Last-Modified: Thu, 27 Jul 2023 15:10:59 GMT
Server: AmazonS3
ETag: "d9238b6d6d07f0e4346a27179c16d42f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
83 B 193ms
192ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 7eeeecdeeedc3d35-SIN

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
86 B 195ms
194ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 7eeeecdeeed73d35-SIN

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=E6gTy3xxQXdXemdtdmFhNFBOSUxmZm0zaWt6SStFT1dmS0lkTlBVMHExcGVmUFJsb0Z1M3BYRGt5QzdjWFlyQ3JwM2xzQjBpazhtQkZwcmtpZmYrejdudkNGUWRYTnZjcmpPMnZqSTRHT0tKUUJiaGx1Z0dDOUs4UDJZNU...

380 B
662 B

15ms
4ms

XHR
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=E6gTy3xxQXdXemdtdmFhNFBOSUxmZm0zaWt6SStFT1dmS0lkTlBVMHExcGVmUFJsb0Z1M3BYRGt5QzdjWFlyQ3JwM2xzQjBpazhtQkZwcmtpZmYrejdudkNGUWRYTnZjcmpPMnZqSTRHT0tKUUJiaGx1Z0dDOUs4UDJZNURTaVhPODAwRkxBUlJadm93bzFwTlJrNEU4MUVFbFpQRUlSUVpidVRKVXBXMGt2Q2VpRi90K2FxQ1p3ZXQ3QXZQdU1TRGJhUFVDeFBGZHZIV01VdytweldmSlBQVGpyc3NzM0dYaGd3QW1PblQ2Z1JMVEY3ZThETmZYY2h2UXk2czRvNDFaVm9pfA&cppv=2

Requested by

Host: blank
URL: about:blank

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

7d1f2acdc1df5eae58da15cefa37dbe3c99e8e0cd85916cd193fb1482e53cb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 974617
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://mug.criteo.com/sid?cpp=E6gTy3xxQXdXemdtdmFhNFBOSUxmZm0zaWt6SStFT1dmS0lkTlBVMHExcGVmUFJsb0Z1M3BYRGt5QzdjWFlyQ3JwM2xzQjBpazhtQkZwcmtpZmYrejdudkNGUWRYTnZjcmpPMnZqSTRHT0tKUUJiaGx1Z0dDOUs4UDJZNURTaVhPODAwRkxBUlJadm93bzFwTlJrNEU4MUVFbFpQRUlSUVpidVRKVXBXMGt2Q2VpRi90K2FxQ1p3ZXQ3QXZQdU1TRGJhUFVDeFBGZHZIV01VdytweldmSlBQVGpyc3NzM0dYaGd3QW1PblQ2Z1JMVEY3ZThETmZYY2h2UXk2czRvNDFaVm9pfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 312529
content-length: 0
expires: 0

GET
H3

200

ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/
Redirect Chain

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000&ckls=true&ci=gs7v87sowi&...

80 B
684 B

228ms
228ms

XHR
text/html

18.155.68.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000&ckls=true&ci=gs7v87sowi&nc=false&trid=eb9635eb-4e35-42ef-83ae-36f103b82af4
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 18.155.68.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-40.sin52.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 5e4021507a687d4e36f06ad22ac66799995f05eb4f039870d08b10b81cc52a90

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 dff3fc94ddb54b32b708edf2668b23d2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: Apache-Coyote/1.1
vary: Origin
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 3600
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: Bnv7Wz1403VQKB1FN3Yx0XyIZGENjsspZpX_oEEZJpb17sr18XHGMg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
server: Apache-Coyote/1.1
vary: Origin
access-control-allow-methods: POST, GET
content-type: image/gif
location: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=9404a4be-5cd5-487f-ac58-30df0d913530&cttl=43200000&ckls=true&ci=gs7v87sowi&nc=false&trid=eb9635eb-4e35-42ef-83ae-36f103b82af4
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 3600
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: -VnH2lrYTzrbfF4SVJQ0exDpWSf8NuLW2Xw7S2703Bw28NJWJcKDDg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
658 B 5ms
5ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: d5e7e1b468a902e11f9c269a2b62c297690cfe3f709639bb2756ba6d0bc73b4c

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 29 Aug 2023 16:19:47 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 31ms
15ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 37BE0MGKXEJ73WW2
age: 3550
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7eeeecdfab723fdd-SIN
x-amz-id-2: z4n2HpOSYUKrl8dLPVyZeLtUQwilaGwLC/4f7BDL2IiMOdueNcP2I8Py0hyItl5fumvZGS9GmA4=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 1617ms
176ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Jul 2023 16:19:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 17982
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bom4736-BOM
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 315ms
301ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 96c35c83e6bbfc390f02d7be930b47bb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 17ms
4ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:45:48 GMT
content-encoding: gzip
age: 131639
x-guploader-uploadid: ADPycdvQ82ZQL8Yxmg-7cw9KWf0CCIc3llhaBfrU4w1W1j9t-z6FlXQLxofVsyOSg7JjaiNbfJg8I5_lILovkKSsHLO8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 28 Jul 2024 03:45:48 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 35ms
4ms Script
text/javascript 13.224.249.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-77.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:16:12 GMT
content-encoding: gzip
via: 1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 65016
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Vtdh-VPY2YpenTprQiVo042iKoeTEQBR7z6yK07bj9Q1XJ9RxeAaDw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 28ms
5ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 Jul 2023 16:19:47 GMT

POST
H3 200 c823241846803386c7d5baa14cb2e4d7efcd8d94c7464e90 Show response
functionalfeather.com/b659d7/ 3 B
27 B 54ms
54ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/b659d7/c823241846803386c7d5baa14cb2e4d7efcd8d94c7464e90

Requested by

Host: functionalfeather.com
URL: https://functionalfeather.com/scripts/029ae298256b2ed8ae3a727d89d869756f97e3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 google
x-buildnumber: 946550297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
x-hostname: fen-hoothoot-asia-east1-spot-shtg
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D30D 0
0

POST
H2 200 cookie_sync Show response
s2s.t13.io/ 2 KB
853 B 68ms
55ms XHR
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 22a4ad25f6872f6af2d18956b318991caf2fea91f1b3d0e11bddae72ee2f9fba

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 632
expires: 0

POST
H2 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
539 B 448ms
439ms XHR
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 9b90259087fbdf064dc045a173b385a4a06b8c4710a0e92e42e0a855bc13474f

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/1.122.0
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 459
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
748 B 104ms
89ms XHR
application/json 18.138.156.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=about%3Ablank&tmax=692

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.156.86 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-156-86.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 400 cdb Show response
bidder.criteo.com/ 0
206 B 22ms
6ms XHR
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=33168888547&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 482 B
653 B 155ms
81ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: be4227c5631319f9c53262de180e376d894b717c2917bad4c7090e5559cf0a94

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 278

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 501 B
746 B 85ms
11ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: eb16af5b698a3a64d7d6e1622d4bb9b526c94fc719e9a741d162b2ba7b9c6e7c

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 370

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
432 B 221ms
207ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 202
alt-svc: clear
expires: Sun, 30 Jul 2023 16:19:47 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 26ms
6ms XHR
text/plain 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET trinity.json
apex.go.sonobi.com/ 0
0

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=5026211438562898588

86 B
117 B

50ms
49ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=5026211438562898588
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
an-x-request-uuid: 7436e58e-692f-4600-ac58-22452cc6b885
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=5026211438562898588
x-proxy-origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
364 B 99ms
8ms XHR
text/javascript 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=about%3Ablank&pid=SjsYEBrGh4W19&cb=0&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UqWG7gVu-KaQSaxEuZS2ImTjZzGPdBNyxJGW5g1azg4G_Fs7NQun_A==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
310 B 103ms
13ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 2Whd4Yu9WtdbnxP3fB_FMJt21lJbC8zIPGYuZ8bdC8SMc5oHx83kXQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
309 B 105ms
18ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: fK9eycsNtkPsg9vHOEv9bIw12ZKIgaZoVc5pYwZHg2a_vuandTCECA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
311 B 97ms
15ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: gL6Euh5KSfDz7LtrF7gWVY3GbaulgGWXYO0GL63w1XE_Z68qdhRk5A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
362 B 88ms
8ms XHR
text/javascript 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=about%3Ablank&pid=SjsYEBrGh4W19&cb=1&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22554x312%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22554x312%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: zPMsFOOB-434g31kpsX6TekMm3F0tqATKquIXiQLmQfsjPPexOAY7w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 12ms
4ms XHR
application/javascript 52.84.228.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-19.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
date: Sat, 29 Jul 2023 22:04:30 GMT
x-amz-cf-pop: SIN2-C1
age: 65718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 5PlCo4ZgeLT486TA0EA9rWq94tck-FmmrBkG579LU6os5i-bBh0qsg==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
312 B 89ms
11ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: hvwp5tfQxAXEHOSigFAWfQzGUp3z5demvV38r9Hvzvxybko1NCDlJg==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
311 B 93ms
18ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: e8nrWZeRp6ULIzDbdwINEUIMjX6I5eoEVctcEqUlkP9q7rlRikqDSQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
312 B 91ms
16ms Fetch
image/gif 18.155.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: bZQF3Xk9OXdfDCG--GY75RR5DpDiscQa_YUCO76UDZOExKCryQZlUw==

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22about%253Ablank%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.65.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-65-200.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:46 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 8xCzeMrZ9pPt4PcbM69mFbs_QDB1aYDITKlc0PCxJobTnqtfwYGTvw==

GET rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 0
0

POST
H2 200 error Show response
pixel.quantcount.com/tag/ 0
160 B 32ms
5ms XHR
text/plain 2620:116:800e:21:46d:7e81:55ff:4c12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.quantcount.com/tag/error
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Jul 2023 16:19:47 GMT
access-control-allow-headers: Accept, Accept-Language, Content-Type, Content-Language
content-length: 0
access-control-allow-methods: POST, OPTIONS

GET
H2 200 pixel;r=1621776255;rf=1;a=p-UeXruRVtZz7w6;url=about%3Ablank;uht=2;fpan=1;fpa=P0-1839459380-1690733987685;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bleepingcomputer.com;dst=0...
pixel.quantserve.com/ 35 B
373 B 13ms
6ms Image
image/gif 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1621776255;rf=1;a=p-UeXruRVtZz7w6;url=about%3Ablank;uht=2;fpan=1;fpa=P0-1839459380-1690733987685;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bleepingcomputer.com;dst=0;et=1690733987687;tzo=0;ogl=;ses=29c3844c-d58a-46a5-b4d5-54ae0aac7b86;mdl=

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 20ms
4ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 30 Jul 2023 16:19:46 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 201919
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 auction Show response
s2s.t13.io/openrtb2/ 15 KB
7 KB 518ms
517ms XHR
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 1f30d5960035f788ed1af72952be13bdfc698944cdb259dbf523c90922c7f004

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/1.122.0
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7601
expires: 0

GET trinity.json
apex.go.sonobi.com/ 0
0

POST
H2 400 cdb Show response
bidder.criteo.com/ 0
205 B 7ms
7ms XHR
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=73135276192&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
504 B 250ms
104ms XHR
application/json 184.51.137.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.137.72 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-137-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 30 Jul 2023 16:19:47 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
122 B 75ms
74ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 68
alt-svc: clear
expires: Sun, 30 Jul 2023 16:19:47 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
827 B 122ms
122ms XHR
application/json 18.138.156.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=about%3Ablank&tmax=692

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.156.86 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-156-86.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:47 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 429 B
661 B 84ms
83ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6155175a927932a186ec1f3db95b3cfb50c7b9a68da6dc82a05ad00e10e59d40

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 286

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 331 B
610 B 17ms
14ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: b3c656a93216e083eb8aadefd040c2161a1acde9f8a06a8a245689c390afddf7

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 235

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 432 B
694 B 18ms
14ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 561b9af7d6840f2f93a05644f9afd99daf1f65e5fa8e79b4c20871aa29768a6c

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 319

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 523 B
680 B 92ms
88ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: f20fd949067e26b42c564013081374234f3dff456d45cdda7b8673ca4c685ab8

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 305

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 309 B
632 B 24ms
21ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 0cdc4be111692deafc37b6a0a3ce2d9e612976e12944c5539fe869f43045df55

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 257

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 792 B
847 B 18ms
16ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: d684387aaa27005f78c4c86e45e7e9285a5775480085c6cd4edb27fc9332f2d7

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 472

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 520 B
674 B 109ms
107ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 568f7a6d4aa959201830e4ef24ce558f748ca06d7c55cd2e505bf1e35cc4e879

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 299

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 384 B
669 B 24ms
22ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: a3b980433197b20e06013d1df08b5f0f20fb9a8715bd7dc7869f4a8207ed0c61

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 294

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 365 B
637 B 84ms
82ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 841d0df085c66bd3b4b47f64dcd5a73ee28b82943dbdd174023a1c5017069a58

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 262

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 452 B
668 B 84ms
83ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 72c44bb91e8df765a2bbf44c5990c11d6ad7287c9983b87deec074f9cdfbc7f4

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 293

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 663 B
812 B 14ms
13ms XHR
application/json 175.41.188.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.188.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-188-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 1660d893c55ec690c923d8349798b31c093c112db997e863514ca2c81a9c8a90

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jul 2023 16:19:47 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 437

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 8ms
8ms XHR
text/plain 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Sun, 30 Jul 2023 16:19:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
333 B 767ms
256ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bleepingcomputer.com
date: Sun, 30 Jul 2023 16:19:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=about%3Ablank&rid=esp
https://oajs.openx.net/esp?url=about%3Ablank&rid=esp&cc=1

85 B
195 B

210ms
209ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=about%3Ablank&rid=esp&cc=1
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6c5477394c184ed8db88b9806540b956a0136fd41c0e0974a08994b43fb2c545

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Quo0EV9m+wyxbCZ/2p9R7Hz6Jjk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 30 Jul 2023 16:19:48 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.bleepingcomputer.com
location: /esp?url=about%3Ablank&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
621 B 31ms
18ms XHR
application/json 13.228.22.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.228.22.200 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-22-200.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: da53b64fd6d7cda15cd4c4152ee075144d06695827ab0e96462a374d3a510fac

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
x-server: 10.42.10.143
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
185 B 250ms
249ms XHR
text/plain 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac167e0b409245014dd31c27011bd8331eb59c26e87145428545a79b984dbfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 51ms
51ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=1&d=&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 30 Jul 2023 16:19:48 GMT
expires: 0
fs-client-rtt: 4
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 138 B
161 B 47ms
47ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=1&d=&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/ff698f574ab54578aac29af7bb0053f7387d3f6d/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

3f24f65735499e60bbd36f8f24f9796258bdc327a944e521fc30dd979b2f93ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
fs-client-rtt: 3
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
296 B 1171ms
1171ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 38220363f1ba01826846a4161676eabc15b2300f1a3edbfb8f5be869158d9037

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 16:19:49 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 40933d53ff02cbf9245dae2d8a921525
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 316ms
302ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 30 Jul 2023 16:19:48 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 056ab6c0cddec71ad2d0c006d03faf1e

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
266 B 433ms
432ms XHR
text/plain 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=355641462112437&correlator=854150486839227&eid=31075591&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C320x50%7C728x90%7C554x312%2C300x250%7C300x600%2C300x250%7C300x600%2C320x50%7C728x90%7C970x90%7C970x250%7C554x312&fluid=0%2Cheight%2C0%2C0%2Cheight&ifi=4&adks=2050935381%2C3006093167%2C2209010219%2C6564752%2C4003487347&didk=2757413489~1410863669~1679461618~1679461617~2757140747&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D36bbd9%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%26fspbg%3Dfreestar%26hb_auction_id%3D37e9d641-cf4a-49b2-97be-cacbb24f6100%26freestar_path%3Dblank%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_728x90%26hb_format%3Dbanner%26hb_adid%3D150064fda3ceeac1%26hb_bidder%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.00%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D9c0a23%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3De2b310%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%26fspbg%3Dfreestar%26hb_auction_id%3D37e9d641-cf4a-49b2-97be-cacbb24f6100%26freestar_path%3Dblank%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_300x600%26hb_format%3Dbanner%26hb_adid%3D1517e2170bb5e5af%26hb_bidder%3Dappnexus%26hb_size%3D300x600%26hb_pb%3D0.01%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D36bbd9%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%26fspbg%3Dfreestar%26hb_auction_id%3D37e9d641-cf4a-49b2-97be-cacbb24f6100%26freestar_path%3Dblank%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_300x600%26hb_format%3Dbanner%26hb_adid%3D1527356e81670fd7%26hb_bidder%3Dappnexus%26hb_size%3D300x600%26hb_pb%3D0.01%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Db84a3b%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=fs_session_id%3D22fb02b3-0c0c-4f12-9ffe-aa34720c9c0d%26fs_pageview_id%3D675bbbe2c0588a77a63a84677cb5809f%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D3%26fs_clientservermask%3D23033323113103100212%26fs_testgroup%3Doptimised&sc=1&cookie=ID%3D1c0d06beeaf5ec1b-221029bab6e700fc%3AT%3D1690733986%3ART%3D1690733986%3AS%3DALNI_MZstGz4hVZjAMd4XlK-2MgDDVdTmA&gpic=UID%3D00000d313a3d0003%3AT%3D1690733986%3ART%3D1690733986%3AS%3DALNI_MacyGIrEzWAj-JieW02Iuq_w0nONA&abxe=1&dt=1690733988414&lmt=1643380172&adxs=-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=about%3Ablank&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=173679715.1690733986&ga_sid=1690733987&ga_hid=202702659&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRigjeW8mjFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAZmJjM2M0MjQ5MmZhNjMxODBkMTY5YzFhODlmMjE2ZDUzOTM4OWRhMTRkNTRmZDUwZmZkYWE0YzE5MDdlZmVmMxiykeW8mjFIABIZCgpwdWJjaWQub3JnGKGN5byaMUgAUgIIZBIXCghydGJob3VzZRihjeW8mjFIAFICCGQSFAoFb3BlbngYoY3lvJoxSABSAghk&dlt=1690733986113&idt=787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be913d38bb9f87229cf355f3e9249f209e54a4190ff3cbfe7a3a18f7346a6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f...
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3aLpIaJBB2Jd8SiNNrZB&gdpr=&gdpr_consent=&us_privacy=

86 B
117 B

52ms
52ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3aLpIaJBB2Jd8SiNNrZB&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:49 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:49 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3aLpIaJBB2Jd8SiNNrZB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=468f9b7f-eed8-4251-9e38-8136f234f213

86 B
115 B

51ms
50ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=468f9b7f-eed8-4251-9e38-8136f234f213
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:50 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Location: https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=468f9b7f-eed8-4251-9e38-8136f234f213
Date: Sun, 30 Jul 2023 16:19:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
https://s2s.t13.io/setuid?bidder=rubicon&uid=LKPND530-D-HIKX

86 B
117 B

50ms
50ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=rubicon&uid=LKPND530-D-HIKX
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:51 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s2s.t13.io/setuid?bidder=rubicon&uid=LKPND530-D-HIKX
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
Expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58280/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1
https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1&verify=true

0
121 B

8ms
8ms

Image
text/plain

18.143.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1&verify=true

Requested by

Host: blank
URL: about:blank

Protocol

Server

18.143.106.89 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58280/sync?uid=2fe476f0-113b-4325-b3b0-71a992c67ab2&_origin=1&verify=true
date: Sun, 30 Jul 2023 16:19:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://stags.bluekai.com/site/92145?id=468f9b7f-eed8-4251-9e38-8136f234f213&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=

43 B
235 B

83ms
83ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 16:19:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
date: Sun, 30 Jul 2023 16:19:51 GMT
content-length: 0
bk-server: 48d5
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=7GOR4OIzk-X3MpTu7WHf4ekxk-f3YJfh6WUoXSpu

68 B
280 B

18ms
4ms

Image
image/png

3.0.250.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=7GOR4OIzk-X3MpTu7WHf4ekxk-f3YJfh6WUoXSpu
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 3.0.250.224 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-250-224.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:51 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=7GOR4OIzk-X3MpTu7WHf4ekxk-f3YJfh6WUoXSpu
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg3RDc5NkItNkQ1MC00NDlFLUEwOUYtRTlFODc2NTMyNzRD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D687D796B-6D50-449E-A09F-E9E87...
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=687D796B-6D50-449E-A09F-E9E87653274C

68 B
279 B

4ms
4ms

Image
image/png

3.0.250.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=687D796B-6D50-449E-A09F-E9E87653274C
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 3.0.250.224 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-250-224.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:19:51 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=687D796B-6D50-449E-A09F-E9E87653274C
date: Sun, 30 Jul 2023 16:19:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 5ms
5ms Ping
text/plain 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je37q0&_p=202702659&cid=173679715.1690733986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1690733986&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F&dt=Hackers%20are%20taking%20over%20CEO%20accounts%20with%20rogue%20OAuth%20apps&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 16:19:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4ff326573fb34c6ab66de0373c8f757f%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d4ff326573fb34c6ab66de0373c8f757f%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d

Domain: cs.media.net
URL: https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d31%26UserId%3d4ff326573fb34c6ab66de0373c8f757f%26DemandPartnerName%3dMediaNet%26tier%3d2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0

Domain: capi.connatix.com
URL: https://capi.connatix.com/us/google/report?extra1=4ff326573fb34c6ab66de0373c8f757f&gdpr=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C53_8oo3GZKfxMarmz7sPq76DkAH7447jcd7z-4itEcjwze6rCRADIMeD_AEoCGC_BaABs_Hq_ijIAQapAi4HoaulLZI-qAMByAMCqgShAk_Q4R1I6t2pYX8SmjhR5edxW4_yuZuOmE7kfseJCMu-zZeWfkNLp6o62n7qM9wpd1GXHMWs6pDRa2nHbCN_vPp5yvMJqcqeAznOrywo5TP-4prvYdYORNHXkLghfKeT-I6bplWdqW8IksGNel97J90ZaEGbseWDSiCckMG9uTwgAfhq0AjeuAZRCCvqi0fixTUFu6-Wk8ow-Vv7uLGPhMjxOpINHKTFCxSt9wuauU3Or0goNthQ1up4Gb-jLN2rwcF1hr2KeX8EoJGj_Ua36w6nZOlOC6NqLDP1qdiG0nrtGvFqw9oZ0OuTGHnu_d_A-Vq_MWar6DCmzTNFWWpM95xq16OpXQLh7HsO9o032CDgG3b23qfc-3B9Sq05Psfd5GfABI_KzIqlBJIFBAgEGAGSBQQIBRgEoAY3gAezqbveA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=1pMuoOpj8CA&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C405ioo3GZKfxMarmz7sPq76DkAHhuLS9cefJsquCEcGhj5UBEAQgx4P8ASgIYL8FoAHO3ufkAsgBBqgDAcgDAqoEoAJP0LYAXeraqWF_Epo4UeXncVuP8rmbjphO5H7HiQjLvs2Xln5DS6eqOtp-6jPcKXdRlxzFrOqQ0Wtpx2wjf7z6ecrzCanKngM5zq8sKOUz_uKa72HWDkTR15C4IXynk_iOm6ZVnalvCJLBjXpfeyfdGWhBm7Hlg0ognJDBvbk8IAH4atAI3rgGUQgr6otH4sU1BbuvlpPKMPlb-7ixj4TI6zqSPTDT-AgUrfcLmrlNzq9IKDbYUNbqeBm_oyzdq8HBdYa9inl_BKCRo_1Gt-sOp2TpTgujaiwz9anYhtJ67RrxasPaGdDrkxh57v3fwPksgQ54rugwps0zRVlqTffbGpb2rV12vrgZDvZSHPog7A_z8IyyMfVSfUS7tnb-zBzABLbY0ryqBJIFBAgEGAGSBQQIBRgEoAY3gAeaoZibAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMNiBQC0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=6IjlPV9a7Nw&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C3_Gjoo3GZKfxMarmz7sPq76DkAGBx8W6cYzuuMfBEcCNtwEQBSDHg_wBKAhgvwWgAbTw7f4oyAEGqQIuB6GrpS2SPqgDAcgDAqoEngJP0LsJTOrbqWF_Epo4UeXncVuP8rmbjphO5H7HiQjLvs2Xln5DS6eqOtp-6jPcKXdRlxzFrOqQ0Wtpx2wjf7z6ecrzCanKngM5zq8sKOUz_uKa72HWDkTR15C4IXynk_iOm6ZVnalvCJLBjXpfeyfdGWhBm7Hlg0ognJDBvbk8IAH4atAI3rgGUQgr6otH4sU1BbuvlpPKMPlb-7ixj4zIJC15IPygf_D5RhbWcFKWXUGjuosypm7qjRr5Vi8ZXsJBgIW9v3p_MaORVvxGQuoOUmfJuwiDny8zAKrYc9F4GBnzn8Da7NPqZht5DvtEm3snEHTrryU45lc5Jsvh3DCfqkezdMdKfXJsK_xbPvY4JOL0vkIzHddcZcMY5j0HwATB2bO4qASSBQQIBBgBkgUECAUYBKAGN4AHtKi-3gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCplgPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=WA5_x6kSLkA&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=Cmyb0oo3GZKfxMarmz7sPq76DkAHF6bLdcZnxusPkEY-9nt6SDhAGIMeD_AEoCGC_BaAB7P7flinIAQapAi4HoaulLZI-qAMByAMCqgShAk_Q4WBM6tipYX8SmjhR5edxW4_yuZuOmE7kfseJCMu-zZeWfkNLp6o62n7qM9wpd1GXHMWs6pDRa2nHbCN_vPp5yvMJqcqeAznOrywo5TP-4prvYdYORNHXkLghfKeT-I6bplWdqW8IksGNel97J90ZaEGbseWDSiCckMG9uTwgAfhq0AjeuAZRCCvqi0fixTUFu6-Wk8ow-Vv7uLGPhMjlOpJjBdyyCxSt9wuauU3Or0goNthQ1up4Gb-jLN2rwcF1hr2KeX8EoJGj_Ua36w6nZOlOC6NqLDP1qdiG0nrtGvFqw9oZ0OuTGHnu_d_A-Re8c32r6DCmzTNFWWpM9-VAsbCoXR21tXYO9o032CDgG3bpiv7R-3B9Sq05R-2792bABN2d7f6sBJIFBAgEGAGSBQQIBRgEoAY3gAfstrD2A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=UW9XXWkvCD4&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=CYCLJoo3GZKfxMarmz7sPq76DkAHJwtf1cdXk9r6_EZ6ew56TPxAIIMeD_AEoCGC_BaABrZ2CwCjIAQapAsTRiD9jT3o-qAMByAMCqgSkAk_QknVu6tapYX8SmjhR5edxW4_yuZuOmE7kfseJCMu-zZeWfkNLp6o62n7qM9wpd1GXHMWs6pDRa2nHbCN_vPp5yvMJqcqeAznOrywo5TP-4prvYdYORNHXkLghfKeT-I6bplWdqW8IksGNel97J90ZaEGbseWDSiCckMG9uTwgAfhq0AjeuAZRCCvqi0fixTUFu6-Wk8ow-Vv7wLKPxMj2MpKcLUqWlnlFDOZxWJAkRJO72DPCawCOob9WL5tewgWAhT1_en8xo5GW_kZC6g5SZem7CIOfLxMAqthz0XoYGfOfwNjs0-tmG3gb_t8g_6P0v3w9mJqlADsFw2AvZU6pR-R_pAl7Wg-GOoUS0ojqNW4fYgmoc7ajZoEh7iFVo7EeXFrABP2Vi8yoBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAet1dKfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmWA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=hIChoNe8Huo&uach_m=[UACH]&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&template_id=492&cbvp=2&vis=1

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/ucl?v=304133

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=4ff326573fb34c6ab66de0373c8f757f

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/4de7bdef-fbe5-4f0a-a010-003ac2d680f5.bin

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1llm8HCIE52EHm-Ha6-05CxUKFFm3k9nj2saiodxu6adAP1UUyOdQGbsI66ODyGpLSa-oyCRPFDbpKP6PvpeWLiKymofnkfW1vztX7Xk8lY1DOathYwuKkiwTg3LFHDpK5wox6fK0sA&sai=AMfl-YR8A3j_zD6AxiRH7IgHActDNkRgWIPmzo8CCQ7Q4wtj0NROsFCK2QFqGX1clWMO66gfBtXV8GGiX7wa&sig=Cg0ArKJSzCh-PbsU7u7mEAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=17,1,254.5,203.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=524&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcAgsdmJn9mqSJpByAdSox2Xm0HxE6XCeVDRe37xXHfC21mMHnQamhxZ1pzFV5efcYPGBLn3jjmlctZDVfpiqQ_tD9_p5_J8PyjdiMoc0TKpOk_DmeoD75ZCXH--aaTg5z172EEIVL_g&sai=AMfl-YSuNJQLZ-BabpyWBYznjijAod9dL_1XKlYwKNLVuYPTe0uLGRrqEDZyz5R6A1X34Q9Sk70w7bgLpZ0b&sig=Cg0ArKJSzCteg1Ujl7WPEAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=17,211,254.5,413.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=528&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnCL4nK0J-1WAjTZMxwzAHV-KUftv06PKp68QYQAmzPFRxgzmKy6XD3FI0TwC_VKjxMe-DQUmpcdmF1W_i1IvioKuAuGiic28eogeNLUW3YqAXRrS_x_hZJNDhEgD9O4tycIa3gA_DBw&sai=AMfl-YTkKHIQ_pGDMY7Y26WFt_t_h0MCJZiGiePtUi9WGP5p_yNuvbU8W_PJ45qQLWvTAjJIzvf9JB_kjk9U&sig=Cg0ArKJSzJcmtlT5kBamEAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=17,421,254.5,623.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=530&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslVtAmqvkTfJ3IvOeA2ixzmCZaP_HqXNLTBTb_Vg3ij_IjA3fOqzCUhWpNKIEQ6JY6LIAW24sZNg9HkSylkVTLtO2jYzaNLdKNKLipvaNlT1JCISk-EOWKFpjwJhz1ZXFS13AYP_Oa3A&sai=AMfl-YSDHTJw4yi4PFoX2rA6J3IC2_nbjE8900a6CCzTtdH3iccd2UwTf-gFDog_j3ggio-Num2Z_2IiUa-L&sig=Cg0ArKJSzPjYuh-6LGztEAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=17,630,254.5,832.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=531&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_r2ejHH28vFcOaWggc7-V4lLkAasHiL8tAzvJjSF1BtRLHCA50D2ioLiUCUkb8xrUBvhXZRvLbSjLrNwxHfYhln1-TTw9pU5pVj1o6urkpWp1vQh2YbQZr9BGyQXYR1gzqq1kGho02Q&sai=AMfl-YSo0RiNjt-DuLTunY6lZ9POgyhZXQ-KdnBKV8VuNefUU-6No64a24VAuqgpHJFOJpcC-6to9dkABLxq&sig=Cg0ArKJSzJqRV20_xjw9EAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=262,1,499.5,203.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=533&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsux8E810yBVDjbwya7CIbThPK3YYDk5rPh5Zs3PSZkK1EMssirZtA-e0zlT1QcBVOkEM9MzRyIvcRoYP3m_G-YxBF0nog0mfJQ8jEAblDxfJTuPiejRRnH7uBHXBxCED6qHjinYzG6OvQ&sai=AMfl-YTOtir8R2htIyOzyeG2tLxzquOiYPSeOAhsqmey5G06zw9JGBU1IZCpcjy4dDcT8yKz_FG-5KRKtXX9&sig=Cg0ArKJSzH_AdxFpRxo6EAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=262,211,499.5,413.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=535&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvav5OTlH_jz9KVpvn7gy1s5O8cnO_jcdl7zru4y5F8M9Y9fbdUh2hI0O6hfxyqP0wRZfS9CSZWmo-8EOlvgPZmr9i3Xmp83cavTmB77PLqWeTc2kcST3Zlak3rAwLm6hxBBHCYvmvU3w&sai=AMfl-YRa-KoL0_MqC2GYok6prpUrzFtV9TlFgT03maU7MISsjbCYJPUMbt7sru7svbqIsIWagINZ8IOzj5Im&sig=Cg0ArKJSzGzT21PcQCA1EAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=262,421,499.5,623.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=536&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXtmqxlp8ybOg6OE9ZqPf03NuHu9IEGLvylYEf2S63cGExMPLK_9EO_a2krPhHZUBs9UkWJVZdyacRAXxaV4oK0pADrQClqUeR5enxm3LJv8LfbxbWYJQATIvnFljWq4wjQsav_pca0w&sai=AMfl-YRY2Zxr2INUICMgIRIdq37iwSSZd0flLmUXOE_AiyDQItUPjULucJ0zGq6Ukzv1ei_n1-AXhLXypVep&sig=Cg0ArKJSzAQiiqsO5yM_EAE&cid=CAQSGwBpAlJWqB7g_kOCRrfv2n0tDqpHILQPvx-tvRgB&id=lidartos&mcvt=0&p=262,630,499.5,832.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1690733986803&rpt=538&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2231e40d25c385bd6%22%3A%22c21411ebb9ead0ae6d7d%7C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Cc%3Dd%2C%22%7D&ref=about%3Ablank&s=dc63dd51-b4a6-4428-a8e2-b96fbbe4e266&pv=c24421c4-e513-4a6e-847a-bf021c2b189b&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=3&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22bleepingcomputer.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22bleepingcomputer.com%22%2C%22ext%22%3A%7B%22fs_company%22%3A412%7D%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%2C%22fs_site%22%3A535%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%2207374b17-c480-457d-854d-525acc311c6e%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22country%22%3A%22SG%22%2C%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22country%22%3A%22SG%22%2C%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Domain: rules.quantcount.com
URL: about://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2287db07d4fc03e6f%22%3A%22c21411ebb9ead0ae6d7d%7C970x250%2C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cc%3Dd%2C%22%2C%22880e8c26a2ab582%22%3A%22c21411ebb9ead0ae6d7d%7C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%2Cc%3Dd%2C%22%2C%22895dece510cefb1%22%3A%22c21411ebb9ead0ae6d7d%7C300x600%2C300x250%7Cgpid%3D%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Cc%3Dd%2C%22%2C%22906bcc22715990c%22%3A%22c21411ebb9ead0ae6d7d%7C300x600%2C300x250%7Cgpid%3D%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Cc%3Dd%2C%22%2C%2291b3e7370b8fd6c%22%3A%22c21411ebb9ead0ae6d7d%7C970x250%2C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cc%3Dd%2C%22%7D&ref=about%3Ablank&s=cb102f7e-28ba-4630-9f04-517ed529df05&pv=c24421c4-e513-4a6e-847a-bf021c2b189b&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=3&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22bleepingcomputer.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22bleepingcomputer.com%22%2C%22ext%22%3A%7B%22fs_company%22%3A412%7D%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps%2F%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%2C%22fs_site%22%3A535%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%2207374b17-c480-457d-854d-525acc311c6e%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22country%22%3A%22SG%22%2C%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22country%22%3A%22SG%22%2C%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: bb297209e16864a5f97d9ba2d450ed42
www.bleepingcomputer.com/	1970-01-20 14:22:05	Name: lav Value: 12937
.pub.network/	1970-01-20 23:14:53	Name: _fsuid Value: 07374b17-c480-457d-854d-525acc311c6e
.bleepingcomputer.com/	1970-01-20 13:40:20	Name: _gid Value: GA1.2.670173655.1690733986
.bleepingcomputer.com/	1970-01-20 13:38:54	Name: _gat_gtag_UA_91740_1 Value: 1
.bleepingcomputer.com/	1970-01-20 23:14:53	Name: _ga Value: GA1.1.173679715.1690733986
.bleepingcomputer.com/	1970-01-20 23:14:53	Name: _ga_GD465VRQLD Value: GS1.1.1690733986.1.0.1690733986.0.0.0
cdn.firstimpression.io/	1970-01-20 22:24:29	Name: OAID Value: 8fe383191be94050d17d0f14471b4991
.scorecardresearch.com/	1970-01-20 23:14:53	Name: UID Value: 197d89bbba63b70991a44ee1690733986
.connatix.com/	1970-01-20 14:22:05	Name: cnx_userId Value: 4ff326573fb34c6ab66de0373c8f757f
.bleepingcomputer.com/	1970-01-20 23:00:29	Name: __gads Value: ID=1c0d06beeaf5ec1b-221029bab6e700fc:T=1690733986:RT=1690733986:S=ALNI_MZstGz4hVZjAMd4XlK-2MgDDVdTmA
.bleepingcomputer.com/	1970-01-20 23:00:29	Name: __gpi Value: UID=00000d313a3d0003:T=1690733986:RT=1690733986:S=ALNI_MacyGIrEzWAj-JieW02Iuq_w0nONA
.connatix.com/	1970-01-20 13:38:57	Name: perf_timestamp Value: 1690733986923
www.bleepingcomputer.com/	1970-01-20 14:22:05	Name: cnx_userId Value: 4ff326573fb34c6ab66de0373c8f757f
.adsrvr.org/	1970-01-20 22:25:56	Name: TDID Value: d5241a23-0565-41d2-9b04-6de9303bf1c0
.3lift.com/	1970-01-20 15:48:29	Name: tluid Value: 221901828531360008247
.adsrvr.org/	1970-01-20 22:25:56	Name: TDCPM Value: CAEYBSABKAIyCwjy453e8MiIPBAFOAE.
.ctnsnet.com/	1970-01-20 22:24:29	Name: cid_137a6b61b9c64406ae828b43dfd926b4 Value: 1
.turn.com/	1970-01-20 17:58:05	Name: uid Value: 8037134907376619512
.bleepingcomputer.com/	1970-01-20 23:07:41	Name: _awl Value: 2.1690733987.5-5ada1b81871972cc8fb6e4accb5c0ce4-6763652d617369612d6561737431-0
.doubleclick.net/	1970-01-20 23:14:53	Name: IDE Value: AHWqTUlCHxkeHEOCJxHw_Dyz-u7cVyUwupE9QMJJJSTT3O3xaVf91VQ3EJTUryurCk8
.rlcdn.com/	1970-01-20 22:24:29	Name: rlas3 Value: MhlazTrW4Ng6Fr4r47uYq/iaFdrsCfEZMIF7BmU7Uzc=
.intentiq.com/	1970-01-20 23:14:53	Name: intentIQCDate Value: 1690733987241
.intentiq.com/	1970-01-20 23:14:53	Name: IQver Value: 1.9
www.bleepingcomputer.com/	1970-01-20 14:22:05	Name: _pbjs_userid_consent_data Value: 3524755945110770
.casalemedia.com/	1970-01-20 22:24:29	Name: CMID Value: ZMaNo6mDp5YM5xBfD.0b7QAA
.casalemedia.com/	1970-01-20 15:48:29	Name: CMPS Value: 5326
.casalemedia.com/	1970-01-20 15:48:29	Name: CMPRO Value: 5326
.spotxchange.com/	1970-01-20 14:19:13	Name: audience Value: e6d107c4-2ef4-11ee-be8a-195c47230407
.bleepingcomputer.com/	1970-01-20 14:19:13	Name: cookie Value: a20b42ee-24aa-4914-bb6c-88ce61ca7bd6
.rlcdn.com/	1970-01-20 15:05:17	Name: pxrc Value: CKObmqYGEgUI6AcQAA==
.adnxs.com/	1970-01-20 15:48:29	Name: uuid2 Value: 5026211438562898588
.bidr.io/	1970-01-20 23:07:27	Name: bito Value: AAI2HE7JjRsAACceoFTF5Q
.bidr.io/	1970-01-20 23:07:27	Name: bitoIsSecure Value: ok
.csync.loopme.me/	1970-01-20 15:51:22	Name: viewer_token Value: 26c44ff8-0e87-4016-bb9e-71398e1d4f66
.sitescout.com/	1970-01-20 22:24:29	Name: ssi Value: c10224d0-0905-403f-9654-b15272fd1899#1690733987514
.contextweb.com/	1970-01-20 22:17:17	Name: V Value: VUmNLk5FobM0
.contextweb.com/	1970-01-20 22:24:29	Name: pb_rtb_ev Value: 3-1m0b\|7Xz.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4cc3767b3ab9be0a
.sharethrough.com/	1970-01-20 14:22:05	Name: stx_user_id Value: e814c833-98f7-4f5c-bf7d-dacb4071a513
.bleepingcomputer.com/	1970-01-20 23:00:29	Name: cto_bundle Value: 08PpkV9kVGZER1BuaGpTblZ1QmVCeUcyciUyRnJTSE11dktlaExDR0ZFTGZWb3VsUGhXS1FuYzlsN0F0RjhRZmNNbVdzdnZteFJIOXdvckNQNHRzJTJGREtzcVhQdG10bEdENVUlMkZNOW0zMFh1cnNOa1U1VzUlMkZzNVZ2cWV4RFpqbUpyVHNSRkhK
.bleepingcomputer.com/	1970-01-20 23:00:29	Name: cto_bidid Value: GCV4D19KVFhNNjJHWEN1WGRONW5iY2dLTkVnS255NmY4MTdZcTM2UnFEYVBqNlBkb0FldW1mTW04N3o0RFBzTnhGeDQxMjN6eVFyd0tHbGpKWUx2a0xVZ05RTW1Sbjl5JTJCZ3Zwc3hhWVdSZEJ3SDJZJTNE
.sitescout.com/	1970-01-20 14:22:05	Name: _ssuma Value: eyIzOSI6MTY5MDczMzk4NzY3NSwiNyI6MTY5MDczMzk4NzY3NX0
.crwdcntrl.net/	1970-01-20 20:07:41	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:07:41	Name: _cc_id Value: b55760cffa75b2a2a87f89c0005be3dd
.crwdcntrl.net/	1970-01-20 20:07:41	Name: _cc_cc Value: "ACZ4XmNQSDI1NTczSE5LSzQ3TTJKNEq0ME%2BzsEw2MDAwTUo1TklhAIKUY72LQTQUAABn1guY"
.crwdcntrl.net/	1970-01-20 20:07:41	Name: _cc_aud Value: "ABR4XmNgYGBIOda7GEhBAQAdNQJb"
.tapad.com/	1970-01-20 15:05:17	Name: TapAd_TS Value: 1690733987837
.tapad.com/	1970-01-20 15:05:17	Name: TapAd_DID Value: a9191681-4c0a-497d-a62f-e98006c4f231
.intentiq.com/	1970-01-20 23:14:53	Name: intentIQ Value: v2NtfahRZN
.tremorhub.com/	1970-01-20 22:24:50	Name: tvid Value: ea1a16710bb14344a58413ebc07a9f21
.tremorhub.com/	1970-01-20 23:14:53	Name: tv_UISCX Value: 4ff326573fb34c6ab66de0373c8f757f
.tapad.com/	1970-01-20 15:05:17	Name: TapAd_3WAY_SYNCS Value:
www.bleepingcomputer.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.teads.tv/	1970-01-20 22:23:03	Name: tt_viewer Value: 61ef4c36-af04-4e26-ae3a-4eac359e4c12
.quantserve.com/	1970-01-20 23:09:08	Name: mc Value: 64c68da3-ef876-73fa1-7e732
.bleepingcomputer.com/	1970-01-20 23:03:22	Name: __qca Value: P0-1839459380-1690733987685
.bleepingcomputer.com/	1970-01-20 20:07:41	Name: _cc_id Value: b55760cffa75b2a2a87f89c0005be3dd
.bleepingcomputer.com/	1970-01-20 13:48:58	Name: panoramaId_expiry Value: 1691338788000
.bleepingcomputer.com/	1970-01-20 13:48:58	Name: panoramaId Value: fbc3c42492fa63180d169c1a89f216d539389da14d54fd50ffdaa4c1907efef3
.bleepingcomputer.com/	1970-01-20 13:48:58	Name: panoramaIdType Value: panoIndiv
.intentiq.com/	1970-01-20 23:14:53	Name: IQPData Value: 1744738764#1690733988052#0#1690733988052
.intentiq.com/	1970-01-20 23:14:53	Name: CSDT Value: UEQ6MTUwNzJfMCZUbFZqVmg5
.intentiq.com/	1970-01-20 23:14:53	Name: ASDT Value: 0
.openx.net/	1970-01-20 22:24:29	Name: i Value: 7359d415-2594-4ff9-892e-e0ed8305eddb\|1690733988
.technoratimedia.com/	1970-01-20 23:14:53	Name: tads_uid Value: GDPR
.resetdigital.co/	1970-01-20 15:48:29	Name: ckbk Value: 00000106DDD2C5A6
.sundaysky.com/	1970-01-20 23:14:53	Name: sskyu Value: d6.50035bc9ba8a414880a36e89df97569a
.sundaysky.com/	1970-01-20 23:14:53	Name: sskyCreationTime Value: 1690733988153
.ads.stickyadstv.com/	1970-01-20 14:22:05	Name: UID Value: 487429a916cbf691919fa35f7822a0
.sundaysky.com/	1970-01-20 13:48:58	Name: sskya Value: "e2N4Ont0czoiM3lkYzEwIix0OiJuaSJ9fQ=="
.ipredictive.com/	1970-01-20 22:24:29	Name: cu Value: 737de7c6-2c30-461a-92bd-08a91b540027\|1690733988399
.yieldmo.com/	1970-01-20 22:24:29	Name: yieldmo_id Value: 3aLpIaJBB2Jd8SiNNrZB%7C1690675200000%7C0
.bidswitch.net/	1970-01-20 22:24:29	Name: tuuid Value: 468f9b7f-eed8-4251-9e38-8136f234f213
.bidswitch.net/	1970-01-20 22:24:29	Name: c Value: 1690733990
.bidswitch.net/	1970-01-20 22:24:29	Name: tuuid_lu Value: 1690733990
.quantserve.com/	1970-01-20 15:48:29	Name: d Value: EFwBDQHLKcv7kwA
.pubmatic.com/	1970-01-20 13:40:20	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 15:48:29	Name: SyncRTB3 Value: 1691884800%3A220
.pubmatic.com/	1970-01-20 22:24:29	Name: KADUSERCOOKIE Value: 687D796B-6D50-449E-A09F-E9E87653274C
.yahoo.com/	1970-01-20 22:24:51	Name: A3 Value: d=AQABBKeNxmQCEEYCHsqFvUOjzaWL2OJn51kFEgEBAQHfx2TQZK9E8HgB_eMAAA&S=AQAAAhDSuksrvjzyuTpL3nwFHOU
.analytics.yahoo.com/	1970-01-20 22:24:29	Name: IDSYNC Value: 18yw~2d2g
.pubmatic.com/	1970-01-20 13:40:20	Name: pi Value: 156557:3
.pubmatic.com/	1970-01-20 15:48:29	Name: chkChromeAb67Sec Value: 2
.rubiconproject.com/	1970-01-20 22:24:29	Name: khaos Value: LKPND530-D-HIKX
.rubiconproject.com/	1970-01-20 22:24:29	Name: audit Value: 1\|m39UJR5TyzJMnPCO4VN5IRBEhhJCo8edAygkTh42zBR80O40QVPQDfjQJPFBS0c3Goh5L7nN1NhCqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXEd2ipNqlQm5ojjpYvBSJ78SbePZj6z0VDhpAC0fAcW+tHzXFmW1BbuaSTLB2UPG/uxZ2yO25km26A8GHEZIF+p
s2s.t13.io/	1970-01-20 15:48:29	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNTAyNjIxMTQzODU2Mjg5ODU4OCIsImV4cGlyZXMiOiIyMDIzLTA4LTEzVDE2OjE5OjQ4LjE3OTU3MDY4OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMS1BORDUzMC1ELUhJS1giLCJleHBpcmVzIjoiMjAyMy0wOC0xM1QxNjoxOTo1MS40NTIwNTM2ODdaIn0sImdyaWQiOnsidWlkIjoiNDY4ZjliN2YtZWVkOC00MjUxLTllMzgtODEzNmYyMzRmMjEzIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTNUMTY6MTk6NTAuNjY5ODUzMTc3WiJ9LCJ5aWVsZG1vIjp7InVpZCI6IjNhTHBJYUpCQjJKZDhTaU5OclpCIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTNUMTY6MTk6NDkuMjc2MjcwOTk5WiJ9fX0=
.bluekai.com/	1970-01-20 17:58:05	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 17:58:05	Name: bkpa Value: KJykM1WvyM9xHnXZFSDkrtk1e6DWbVI/qEjtyjSuUPcdlG9yCIcBRpoCoVT98dLpo2scZ/48kYNHi+jefIh9ssN6sevQpIYyvjuTMvF3/xRFO3SSEp+pAM4gLgRfSuU0lHKeD8nMhL7QN45Q//Qz+K+vVpt8w635/n0W0k237g0hMrTc1bTri9==
.bluekai.com/	1970-01-20 17:58:05	Name: bku Value: XVzO9vKBhZu7gw/M

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: about:blank Message: Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCKObmqYGEgUI6AcQAEIASiA0ZmYzMjY1NzNmYjM0YzZhYjY2ZGUwMzczYzhmNzU3Zg' because its MIME type ('image/gif') is not executable.
network	error	URL: https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4ff326573fb34c6ab66de0373c8f757f%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=33168888547&lsavail=1 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: about://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=73135276192&lsavail=1 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a.teads.tv
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
apex.go.sonobi.com
api.btloader.com
api.floors.dev
api.intentiq.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cds.connatix.com
cks.connatix.com
cm.g.doubleclick.net
cms.quantserve.com
connatix-supply-partners.tremorhub.com
cs-server-s2s.yellowblue.io
cs.media.net
csync.loopme.me
d.pub.network
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
esp.rtbhouse.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
functionalfeather.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ctnsnet.com
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ins.connatix.com
invstatic101.creativecdn.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
offiee365.com
optimise.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
prebid.media.net
rules.quantcount.com
s.ntv.io
s2s.t13.io
s9.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.technoratimedia.com
sync1.intentiq.com
tag.escalated.io
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
vop.sundaysky.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
apex.go.sonobi.com
capi.connatix.com
cs-server-s2s.yellowblue.io
cs.media.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
rules.quantcount.com
sync.intentiq.com
us-u.openx.net
vid.connatix.com
103.71.26.126
104.18.0.32
104.18.1.32
104.20.59.209
104.254.148.252
104.26.13.6
111.235.137.30
13.114.88.218
13.126.105.99
13.224.249.77
13.224.249.88
13.227.254.14
13.227.254.18
13.228.22.200
13.33.33.50
130.211.23.194
139.5.84.243
162.19.138.116
165.227.251.217
172.253.118.156
175.41.188.45
18.138.156.86
18.138.96.199
18.143.106.89
18.155.65.200
18.155.68.39
18.155.68.40
182.161.73.136
184.51.136.126
184.51.137.72
184.51.138.68
2001:df2:a300:bbbb::135
207.65.33.76
207.65.33.78
207.65.33.82
23.207.181.216
23.35.184.203
23.35.185.56
23.35.185.76
23.37.147.207
2404:6800:4003:c00::5f
2404:6800:4003:c01::9d
2404:6800:4003:c02::5e
2404:6800:4003:c02::61
2404:6800:4003:c03::5e
2404:6800:4003:c04::84
2404:6800:4003:c04::9a
2404:6800:4003:c06::9d
2404:6800:4003:c0f::65
2404:6800:4003:c0f::9b
2404:6800:4003:c11::9d
2404:6800:4003:c1a::63
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2600:1901:0:7416::1
2600:1f18:612b:4280:deca:219:b07a:54cc
2600:9000:23d2:c800:8:48e:53c0:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700:20::ac43:4513
2606:4700::6812:15ce
2606:4700::6812:4a5
2620:116:800e:21:36b5:1576:d999:6e52
2620:116:800e:21:46d:7e81:55ff:4c12
2a04:4e42::485
3.0.250.224
3.209.255.232
3.33.220.150
34.102.146.192
34.107.140.113
34.107.148.139
34.111.113.62
34.111.152.239
34.120.135.53
34.160.128.112
34.160.152.31
34.96.70.87
35.186.193.173
35.190.39.111
35.190.60.146
35.213.12.39
35.214.196.76
35.71.178.8
42.99.140.195
52.7.166.254
52.84.228.19
54.151.239.45
67.199.150.82
69.173.158.64
74.125.24.149
74.214.196.131
98.98.134.241
009d1a6698693ef8a0b11179fc2d9918ceb10f07728b9805cb1c7edd0ae9a3ff
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07fe03950dbe28bf4f530574f1200db6a228e4ebba2861e349262c9c0fc5f3d2
0cdc4be111692deafc37b6a0a3ce2d9e612976e12944c5539fe869f43045df55
0d1eb4400ae415a6a8109d9a1825ba8a2dbed2b5205dc64cd4c5e41b437b0b5b
0d27c342b04aa666c036eb42d702e47fb759e8df9a9babc808a0fe4d3377e804
0f3506ee3b0f5e93abcf51eea6f7b160891e0cf8f09dd3bd8d5a23dbc579c86c
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5
161876a679c0f34035fb5b31da1e784215bf6aa8602f6c9b7fcddd4763c2e96f
1660d893c55ec690c923d8349798b31c093c112db997e863514ca2c81a9c8a90
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18fb150dd9554a0a5a71f7fbcce19268751a1dda7583ea5cef3aec73ce333f6e
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d47e88b3328b219484f0fffb0368c84d0e6b9f1bec2b4a8f1e07fbbe0431481
1e0e71d5765a0b81f92b38844db63ac4214be63c113d70e19a39f5893426432a
1e5a6a3649c5c96eeee90394ea974268d88bb63064bfcac963a8e5895cc5b64f
1f30d5960035f788ed1af72952be13bdfc698944cdb259dbf523c90922c7f004
22327d45d658f8a0244b2ce61448c6476e4057e51123111654bbd073ce6465c8
22a4ad25f6872f6af2d18956b318991caf2fea91f1b3d0e11bddae72ee2f9fba
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
2676ee15567b3ebc03428221c939b6df0a36ebc346ecea8ad7b91638e4212050
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
2ad79215aa954aaab77412ec7592d8cd223a7ed6f6b2c1ba5cb1f0ab60468359
2c86e1d9883034854b853ecd83002ef72ed99aaae3cef4fe1d982219f4e54128
2d0699fe75b9d4b558b1d3b7deb9c80c090ff8ce03fbb821ee5c8919320d8612
2fcf473614e83cd74823df3f13ca3edc1b156b81fcd4bdba076c5b6c3cacfc0a
2ff536c1b8274ab0a76b2155ad1efa21b3b7228e5236abf627e9a1eafdda2460
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
370a664a8626eb3f85a65af5b6297eee405bf429d24800d4cc95409b54bc09ea
38220363f1ba01826846a4161676eabc15b2300f1a3edbfb8f5be869158d9037
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bed23f3faed61d930d977c5a0924469af1f9cbf231c28ace7c032241d19e03d
3f24f65735499e60bbd36f8f24f9796258bdc327a944e521fc30dd979b2f93ac
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4f20f13c3144f5850d1d3d75d6d6a2b69e4f6a76429f483a883b2aef39b94ff6
543c7f1ed770cc135998d9b50cb1cdb4ab060f288df5bb91be34f59232f56f6b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561b9af7d6840f2f93a05644f9afd99daf1f65e5fa8e79b4c20871aa29768a6c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568f7a6d4aa959201830e4ef24ce558f748ca06d7c55cd2e505bf1e35cc4e879
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5e4021507a687d4e36f06ad22ac66799995f05eb4f039870d08b10b81cc52a90
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6155175a927932a186ec1f3db95b3cfb50c7b9a68da6dc82a05ad00e10e59d40
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
655bf6433ca47c0e0deaf1ee741999d198ef0cd98601974ebf72f1fbf596eb9e
660d3e1be24409f7855bb0aeb45e690b920335e818d11ba766b7ea9aad90c0fa
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6a177c29748268e19475d95be08d63dc9c847d9dc43ac712d8cf87700c37520d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5477394c184ed8db88b9806540b956a0136fd41c0e0974a08994b43fb2c545
6cd1d8df140440c484121a3587bb59bd016a54e2a7d1798982a6f69a3bbd40f7
6ceb921d1124a40606d7948ebe14e39dab583ab3f6bda0ae6b4bc676cfab05ce
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e7809c7a53d29fa4632862c034f7bb6bfee7eef6f3207404c8f168170780c66
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ede974aebea1c32adc57a63ab94c7c89eb4d0892f80348ae5711fd0e17d6834
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a
71bde46cab28e6cd4e008fe2f84ad39eb82aeb5b18d8234bd2aab288a4ca8717
72c44bb91e8df765a2bbf44c5990c11d6ad7287c9983b87deec074f9cdfbc7f4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7bb14fae326fed8f0aebe53d99225c2287e93c5c5cd4a55296f16d308978c94e
7d1f2acdc1df5eae58da15cefa37dbe3c99e8e0cd85916cd193fb1482e53cb3a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7db69c15e62e0b8f7e6fcf8afcb263abe172b860c77b5a0d2b610c52ee33f3f7
7f113bab07d6be0b1142e6e1554ca606872ec7ac2fe450da7209eba178cbd3ab
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
828f6683ae57e1eadb9427f2b4ca9496001268d6bbc6b440a09dc3b5b7cd06d7
841d0df085c66bd3b4b47f64dcd5a73ee28b82943dbdd174023a1c5017069a58
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
876efc8b7034582a6ba2de7a442982edb680a65c13fae1e6ab8169d2f0c9b591
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
911cdaf421bfdfdf43fed82374a1a49adfc7b92e8ea36eccfcd9860c304af655
92dad1d64aeb8e560f94f3183af2ea57a6862fb3a89a0c14a7f5a109211135f5
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
9327d98c330e29ec866eba20bed03812f67dacd2bdcb05d77d34559d9926dc7d
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
965505b2b0f6a195067c05b354312f23aeec44b140cea2df33c6763d92638e11
9a8b05cd707a47ba5ca8d535ce568c0f35670894a9b9377f28aea5dbf39e3a79
9b90259087fbdf064dc045a173b385a4a06b8c4710a0e92e42e0a855bc13474f
9b958877ae606a257a4f988bcec5e12dce02ca7fbfe496dcf6a2501335de5f1c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9be913d38bb9f87229cf355f3e9249f209e54a4190ff3cbfe7a3a18f7346a6bd
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b980433197b20e06013d1df08b5f0f20fb9a8715bd7dc7869f4a8207ed0c61
a43fc0ed2f7280379ce67734ba40e033dbd00f5f96e9b69a9d79dca22161d6ac
a4ad12e9444e1d8454f0dc35f8bbff3179e190c9f1890a0c13182b58c0081fe3
a4d882fdb18732487822da73ec6b6db7ae85bfc5f03bfb5c8726485f0b42b871
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58f15789e19bd759c2869912cf304895a6efebb6545285f39be7282efd8f943
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a8c7cd257728d984855d19cc6cb97fe579297d69279a26a47bb925bda39ccaf7
a8d5ddfd2b17ba6fbf78f65d8dbf690631d5a609102caea35467a6401ab3d669
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ac167e0b409245014dd31c27011bd8331eb59c26e87145428545a79b984dbfb4
acc9b594db67368ec37c4269726fd1ad820a6a165dd437e1fd67b4b5bf2e1901
af8c24ff69716670bf4951455fbbd471afdb4991ec1006db40baec14b75b4519
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b205c134248608e391ab07fe9a6ce37d25711a8dcae92da4f7b9e7f6fd6f5212
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b385787b37a7fce8999253a0dd0ae5af794c5fd3e788c758bba6123133d10bf9
b3c656a93216e083eb8aadefd040c2161a1acde9f8a06a8a245689c390afddf7
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc5cfbe3bf445af1f4dac6519026b69a5d8b1de622cde01aa5ac629d42f114d
be4227c5631319f9c53262de180e376d894b717c2917bad4c7090e5559cf0a94
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f7043abd5d0655b75f2cee7df064cdb94d138e77130dce29e5b40ff0ca6bd8
c505624298bf32f880b428c0ca9c20d669034026ffebb910e84158a8e48854d8
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbd67165c97bbda88c4fbcd3bef3e8b44e0f9637ac01236dcff81f9ffd4d0947
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d30f33681084b8df4a99ef0c43edf1d19ce6ae065555a5db06ee8318f3ee6f7e
d5e7e1b468a902e11f9c269a2b62c297690cfe3f709639bb2756ba6d0bc73b4c
d5f8508d8c5dca02ece74542e9b87777125ec67d86b00755eb3cb82caa7f1fd6
d684387aaa27005f78c4c86e45e7e9285a5775480085c6cd4edb27fc9332f2d7
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da53b64fd6d7cda15cd4c4152ee075144d06695827ab0e96462a374d3a510fac
da8a96c3f33e2470eaa2111b3674d32e74aededbacbd9ec926f80828688e6287
dacc6dc0ed976af7029618c11d31a693e7c6a0dc86c314a701378dd1c7664fe1
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
de01d6741e22757436c309ec8d3dfa960df905f8be9df91d731ef6f03c1480da
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
eb16af5b698a3a64d7d6e1622d4bb9b526c94fc719e9a741d162b2ba7b9c6e7c
f20fd949067e26b42c564013081374234f3dff456d45cdda7b8673ca4c685ab8
f29c683753e467eae157a27cccc8b998913df80a8ecf690f2df7fde0aa6ec2d4
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9963c6af4873cbc8ed3081beac5e446b138c3b270fbb3d9bf55dc6a8b51ee
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fb6b73f7a0310f0d051a95b34ccc27b15512d83a91a52d338532585647ba843d
ff32e139f647a0c17245a718df4c9f46c236e42dc77ca006d9206b8fc95e4537

www.bleepingcomputer.com Open in urlscan Pro 104.20.59.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

240 Requests

76 %HTTPS

32 %IPv6

75 Domains

111 Subdomains

70 IPs

9 Countries

3817 kBTransfer

9264 kBSize

90 Cookies

0 Outgoing links

Page URL History

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

76 %
HTTPS

32 %
IPv6

75
Domains

111
Subdomains

70
IPs

9
Countries

3817 kB
Transfer

9264 kB
Size

90
Cookies

240 HTTP transactions
4 data transactions