securityaffairs.com Open in urlscan Pro
2606:4700:3031::ac43:8cd3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Submission: On September 18 via api (September 18th 2023, 2:09:04 am UTC) from TR — Scanned from DE

Summary HTTP 323 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 80 domains to perform 323 HTTP transactions. The main IP is 2606:4700:3031::ac43:8cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 760454.
TLS certificate: Issued by GTS CA 1P5 on August 20th 2023. Valid for: 3 months.

This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	2606:4700:303... 2606:4700:3031::ac43:8cd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.99.78 13.32.99.78	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::6816:3bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:2111:9c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.65.104.49 3.65.104.49	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
23	2606:4700:303... 2606:4700:3037::ac43:9e3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2606:4700:10:... 2606:4700:10::6816:2560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	2600:9000:249... 2600:9000:2490:6600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 3	52.29.79.55 52.29.79.55	16509 (AMAZON-02) (AMAZON-02)
2 18	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 3	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
1 1	184.86.251.219 184.86.251.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
19	2606:4700:e6:... 2606:4700:e6::ac40:c41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
3 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	20.114.74.38 20.114.74.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.76.65.13 3.76.65.13	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:3fa9:14e5:74a3:7a1d	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.134.234.224 18.134.234.224	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.156.139.59 18.156.139.59	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
323	60

51 2606:4700:3031::ac43:8cd3 (United States)

ASN13335 (CLOUDFLARENET, US)

securityaffairs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-78.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2111:9c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.104.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-104-49.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.79.55 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-79-55.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.219 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-219.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:e6::ac40:c41d (United States)

ASN13335 (CLOUDFLARENET, US)

rtgcloudsql.2trk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.2trk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtgcdn.2trk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.2trk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.79 (United States) 2 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.74.38 (San Antonio, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.65.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3fa9:14e5:74a3:7a1d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.234.224 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-234-224.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France) 1 redirects

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.139.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-139-59.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	securityaffairs.com securityaffairs.com — Cisco Umbrella Rank: 760454	562 KB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com	330 KB
33	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 ad.doubleclick.net — Cisco Umbrella Rank: 165	249 KB
23	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 30275	8 KB
19	2trk.info rtgcloudsql.2trk.info — Cisco Umbrella Rank: 118452 cdn.2trk.info — Cisco Umbrella Rank: 85119 rtgcdn.2trk.info — Cisco Umbrella Rank: 386297 bid.2trk.info — Cisco Umbrella Rank: 203174	141 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33607 ad4m.at — Cisco Umbrella Rank: 11864 assets.ad4m.at — Cisco Umbrella Rank: 42437	379 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 337 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 675 aax.amazon-adsystem.com — Cisco Umbrella Rank: 418 s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed	67 KB
7	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 884	2 KB
7	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553 ads.pubmatic.com — Cisco Umbrella Rank: 568 image6.pubmatic.com — Cisco Umbrella Rank: 913	16 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	118 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	vlitag.com services.vlitag.com — Cisco Umbrella Rank: 35887 assets.vlitag.com — Cisco Umbrella Rank: 43861	341 KB
5	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1037	699 B
5	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 17449 sync.quantumdex.io — Cisco Umbrella Rank: 3064	2 KB
5	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 10816 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767	7 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	126 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7620	725 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1598 mp.4dex.io — Cisco Umbrella Rank: 2465	26 KB
4	gstatic.com fonts.gstatic.com	97 KB
4	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4447 buttons-config.sharethis.com — Cisco Umbrella Rank: 5278 l.sharethis.com — Cisco Umbrella Rank: 4833	93 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 427	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 670	2 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24128	1 KB
3	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 6860	699 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1071	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	171 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
3	wp.com i0.wp.com — Cisco Umbrella Rank: 3945 stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2766	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	226 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 613	69 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5082	653 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 604	1 KB
2	acuityplatform.com 2 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1416	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 980 s.tribalfusion.com — Cisco Umbrella Rank: 2310	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 943	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1343 pixel.quantserve.com — Cisco Umbrella Rank: 1130 cms.quantserve.com Failed	10 KB
2	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3362	44 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1086	406 B
1	omnitagjs.com 1 redirects visitor.omnitagjs.com — Cisco Umbrella Rank: 966	387 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450 mug.criteo.com Failed dis.criteo.com Failed
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 47496
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18350	705 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 81720	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 75451	441 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 74920	264 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478 ups.analytics.yahoo.com Failed	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 7098	581 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2910	985 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	490 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7544	233 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2084	436 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1253	634 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	611 B
1	google.de www.google.de — Cisco Umbrella Rank: 5677	408 B
0	turn.com Failed ad.turn.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	loopme.me Failed csync.loopme.me Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	3lift.com Failed eb2.3lift.com — Cisco Umbrella Rank: 433 Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
0	lijit.com Failed ap.lijit.com Failed
0	smaato.net Failed s.ad.smaato.net Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	betweendigital.com Failed ads.betweendigital.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	a-mx.com Failed id.a-mx.com Failed
0	appier.net Failed a.c.appier.net Failed
323	80

	Domain	Requested by
51	securityaffairs.com	securityaffairs.com
23	px.vliplatform.com
18	cm.g.doubleclick.net	2 redirects 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securityaffairs.com 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com cdn.ampproject.org
11	cdn.2trk.info	rtgcloudsql.2trk.info
11	pagead2.googlesyndication.com	securityaffairs.com pagead2.googlesyndication.com tpc.googlesyndication.com 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com www.googletagservices.com
10	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
7	onetag-sys.com	1 redirects assets.vlitag.com sync.quantumdex.io
6	assets.ad4m.at	as.ad4m.at
6	cdn.ampproject.org	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	prebid.a-mo.net	assets.vlitag.com
5	www.google.com	tpc.googlesyndication.com securityaffairs.com 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
4	rtgcdn.2trk.info	rtgcloudsql.2trk.info
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	securityaffairs.com as.ad4m.at ad4m.at
4	useast.quantumdex.io	assets.vlitag.com
4	prebid-eu.creativecdn.com	assets.vlitag.com
4	hbopenbid.pubmatic.com	assets.vlitag.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	securityaffairs.com 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com cdn.2trk.info
4	services.vlitag.com	securityaffairs.com services.vlitag.com
3	id5-sync.com	assets.vlitag.com sync.quantumdex.io
3	c1.adform.net	3 redirects
3	sync.gonet-ads.com	3 redirects
3	dsp.adkernel.com	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
3	pm.w55c.net	3 redirects
3	www.googletagservices.com	securityaffairs.com 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
3	prg-apac.smartadserver.com	assets.vlitag.com
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	www.googletagmanager.com	securityaffairs.com www.googletagmanager.com
2	match.sharethrough.com	sync.quantumdex.io
2	rtb-csync.smartadserver.com
2	ads.pubmatic.com	assets.vlitag.com sync.quantumdex.io
2	ad.doubleclick.net	2 redirects
2	bid.2trk.info	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	ums.acuityplatform.com	2 redirects
2	rtgcloudsql.2trk.info	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com securityaffairs.com
2	um.simpli.fi	2 redirects
2	mp.4dex.io	assets.vlitag.com
2	script.4dex.io	assets.vlitag.com script.4dex.io
2	assets.vlitag.com	services.vlitag.com
2	cmp.quantcast.com	services.vlitag.com cmp.quantcast.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform-api.sharethis.com	securityaffairs.com
1	image6.pubmatic.com	ads.pubmatic.com
1	lb.eu-1-id5-sync.com	assets.vlitag.com
1	visitor.omnitagjs.com	1 redirects
1	sync.quantumdex.io	assets.vlitag.com
1	gum.criteo.com
1	track.webgains.com	as.ad4m.at
1	www.awin1.com	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
1	beacon.walmart.com	1 redirects
1	s.tribalfusion.com	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	s0.2mdn.net
1	rtb2-useast.e-volution.ai	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
1	pixel.quantserve.com
1	cadmus.script.ac	script.4dex.io
1	rules.quantcount.com	secure.quantserve.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	secure.quantserve.com	cmp.quantcast.com
1	imasdk.googleapis.com	services.vlitag.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	securityaffairs.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel.wp.com	securityaffairs.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.com
1	i0.wp.com	securityaffairs.com
0	ad.turn.com Failed
0	pubmatic-match.dotomi.com Failed
0	pixel-sync.sitescout.com Failed
0	ups.analytics.yahoo.com Failed
0	match.adsrvr.org Failed
0	a.audrte.com Failed
0	cr.frontend.weborama.fr Failed
0	sync.crwdcntrl.net Failed
0	csync.loopme.me Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
0	dsp.adfarm1.adition.com Failed	ads.pubmatic.com
0	cms.quantserve.com Failed	ads.pubmatic.com
0	aax-eu.amazon-adsystem.com Failed	ads.pubmatic.com
0	dis.criteo.com Failed	ads.pubmatic.com
0	sync.1rx.io Failed	sync.quantumdex.io
0	eb2.3lift.com Failed	sync.quantumdex.io
0	cs-server-s2s.yellowblue.io Failed	sync.quantumdex.io
0	ssum-sec.casalemedia.com Failed	sync.quantumdex.io
0	ap.lijit.com Failed	sync.quantumdex.io
0	s.ad.smaato.net Failed	sync.quantumdex.io
0	ib.adnxs.com Failed	sync.quantumdex.io ads.pubmatic.com
0	ssp.disqus.com Failed	sync.quantumdex.io
0	ads.betweendigital.com Failed	sync.quantumdex.io
0	cs.admanmedia.com Failed
0	s.amazon-adsystem.com Failed
0	mug.criteo.com Failed
0	id.a-mx.com Failed	assets.vlitag.com
0	a.c.appier.net Failed	14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
323	114

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
news.yahoo.com
atriumhealth.org
www.catawbavalleyhealth.org
www.charlotteradiology.com
www.dukehealth.org
www.centralcarolinahosp.com
www.ecuhealth.org
www.firsthealth.org
missionhealth.org
www.novanthealth.org
www.unchealth.org
www.wakerad.com
www.wakemed.org
www.annualcreditreport.com
infosec.exchange
www.linkedin.com
securityaffairs.co

Subject Issuer	Validity	Valid
securityaffairs.com GTS CA 1P5	`2023-08-20` - `2023-11-18`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cmp.quantcast.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.a-mo.net R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
2trk.info E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Frame ID: B81055A5B47169786E3F02226EB69DEC
Requests: 167 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: FE7403D850532F0384B621A302ED32FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1694995738&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695002937995&bpp=3&bdt=331&idt=191&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4634220255263&frm=20&pv=2&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077327%2C31076994%2C21065725%2C31077705&oid=2&pvsid=3517249380039617&tmod=672292082&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: 72B0CDBE64B989263CF34AB975517D91
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D75C56779926D4BFB3EF004E2EFAB01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EF18F518517EBC6149BFB111EE90316
Requests: 2 HTTP requests in this frame

Frame: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 166E3AC21FE9DFA16965D59679132EF2
Requests: 1 HTTP requests in this frame

Frame: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C71A511DCEE4C10874DF9D218F3319D
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D
Frame ID: E9F31C0A93534E70A3EA905841E0F0F3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Frame ID: BC365BC1F5211567ED4EC67A4E02FCF3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11084511567A586FC8542D2EE80BEC8B
Requests: 9 HTTP requests in this frame

Frame: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDB91BB8CA07E276D9392E1DE6DB5806
Requests: 18 HTTP requests in this frame

Frame: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFDBE1FE221D410133B6A1EA548E6357
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C0E5BA1B11F87D70C2A525C98AA99A8
Requests: 1 HTTP requests in this frame

Frame: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
Frame ID: 523E569566FBB9056D43413C8E534E0C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6895584F81755DEBB279E0C40F6FDC74
Requests: 9 HTTP requests in this frame

Frame: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06F0521B9F49439D5323842C1345A7B9
Requests: 1 HTTP requests in this frame

Frame: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Frame ID: 0DE0AFB4BF3C9CFF72B588921763E6F7
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Frame ID: CEF1F936AAED5B6E0E080264E0ECBF81
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD7E91279243B72F2E4BEB4D077C0D45
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Frame ID: C0D1547F6E193CE7CF2834B2AE369ABA
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: B2C84388928FE95F35C8FC861949DCF7
Requests: 17 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695002938653&gdpr=0&us_privacy=1---
Frame ID: 1C2D72D12AEC3E00F417874EB7CE391E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 801E358ED47F64542A5DA870099F34A1
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 3F199AE4E74A8668F1637E8F5DA6A398
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 85661CABD1B2B837D11C83EDD8985AF3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 84513EC934F52B6019BA61372DFEA01D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C5CD70F826454BDA5CCF6193FECAA0E9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 0607A4FE90BFD216C727F2BEA23C6DF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
Frame ID: 47F2870FB72EE79310B55CF567CD3472
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8CBD7049479E1EAE8DD8BBFAA0D5299A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 99EF5D26533A4DE4957C46550865C545
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 41AD57A058DB6D685F79AF6B2751DA10
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 2F139F7AC3058C41FBD5566C9290A16D
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: E5A944EF58641FB3CB65FDB58D8FA2AF
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: F6E56873894FFD6920EEA176E5AB885C
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 2529FF30B50B477146A42B4DE9E44970
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A63B2A59CB1EBFA8AC3E24360F4F4747
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 6091385128D33D49B1ABB513128A9702
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: C9B07F671EB33066BAFC75D034BF7B0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clop gang stolen data from major North Carolina hospitals

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

323
Requests

82 %
HTTPS

50 %
IPv6

80
Domains

114
Subdomains

60
IPs

10
Countries

3063 kB
Transfer

8199 kB
Size

56
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sec.affairs/

Search URL Search Domain Scan URL

URL: https://twitter.com/securityaffairs

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/russian-cyber-thieves-linked-personal-202630737.html
Title: said that Clop group may have stolen personal data

Search URL Search Domain Scan URL

URL: https://atriumhealth.org/?gclid=CjwKCAjwpJWoBhA8EiwAHZFzfmRSW25Zs0bA0ngZeUTGpPeXVwE1fqizULLIK_TOr2Gc0DNQKygmBxoCB9wQAvD_BwE
Title: Atrium Health

Search URL Search Domain Scan URL

URL: https://www.catawbavalleyhealth.org/
Title: Catawba Valley Medical Center

Search URL Search Domain Scan URL

URL: https://www.charlotteradiology.com/
Title: Charlotte Radiology

Search URL Search Domain Scan URL

URL: https://www.dukehealth.org/
Title: Duke University Health System

Search URL Search Domain Scan URL

URL: https://www.centralcarolinahosp.com/
Title: Central Carolina Medical Center

Search URL Search Domain Scan URL

URL: https://www.ecuhealth.org/
Title: ECU Health

Search URL Search Domain Scan URL

URL: https://www.firsthealth.org/
Title: FirstHealth of the Carolinas

Search URL Search Domain Scan URL

URL: https://missionhealth.org/
Title: Mission Health System

Search URL Search Domain Scan URL

URL: https://www.novanthealth.org/pf/?utm_source=google&utm_term=novant%20health&utm_cmpid=1070255209&utm_adgid=59293428704&utm_tgtid=kwd-302442297305&utm_mt=e&utm_adid=423668156296&utm_dvc=c&utm_ntwk=g&utm_adpos&utm_plcmnt&utm_feeditemid&utm_devicemdl&utm_plcmnttgt&utm_locphysid=9009940&utm_locintid&gclid=CjwKCAjwpJWoBhA8EiwAHZFzfl1a1TfKkpTEi7VrQH-RXK-ND9Jhyq50nQGc9QLQ1UEKpmdxDGAgFhoCM7wQAvD_BwE
Title: Novant Health

Search URL Search Domain Scan URL

URL: https://www.novanthealth.org/locations/medical-centers/new-hanover-regional-medical-center/
Title: Novant Health New Hanover Regional Medical Center

Search URL Search Domain Scan URL

URL: https://www.unchealth.org/home
Title: UNC Health

Search URL Search Domain Scan URL

URL: https://www.wakerad.com/
Title: Wake Radiology Diagnostic Imaging

Search URL Search Domain Scan URL

URL: https://www.wakemed.org/
Title: WakeMed Health & Hospitals

Search URL Search Domain Scan URL

URL: https://www.annualcreditreport.com/index.action
Title: free credit reports

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sec.affairs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@securityaffairs
Title: Mastodon

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/
Title: SecurityAffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html
Title: linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Clop+gang+stolen+data+from+major+North+Carolina+hospitals+-&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&counturl=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html
Title: twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 167

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15uDovUlLygCSExK77WwRGJKLp53tzrxpaCZ4PlK014Vx1mEVj6KdTN6tc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15uDovUlLygCSExK77WwRGJKLp53tzrxpaCZ4PlK014Vx1mEVj6KdTN6tc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15uDovUlLygCSExK77WwRGJKLp53tzrxpaCZ4PlK014Vx1mEVj6KdTN6tc

Request Chain 168

https://um.simpli.fi/gp_match?google_gid=CAESEN1LqNOdFcGPDkelxu78Oy8&google_cver=1&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpHs8lv1Muz3PC-2MEs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpHs8lv1Muz3PC-2MEs

Request Chain 170

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECXXhRGQYow1bMerfYX7zDo&google_cver=1&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBKVVLC4G4Ir4ElbNinvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBKVVLC4G4Ir4ElbNinvRg

Request Chain 172

https://sync.gonet-ads.com/match/google?google_gid=CAESEIEcInIdYitNlVKG8Dib8FU&google_cver=1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6l21cgofOWNk HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEIEcInIdYitNlVKG8Dib8FU&google_cver=1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6l21cgofOWNk&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=OTY0NWFiMjQ2ZTkzYmY1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6l21cgofOWNk HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=OTY0NWFiMjQ2ZTkzYmY1&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 173

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAR_E20C6ybCV48PBE4KMSY&google_cver=1&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5kO33ltGCbCVhSMhL52q3JUAdpURpGL9SfYebwi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5kO33ltGCbCVhSMhL52q3JUAdpURpGL9SfYebwi

Request Chain 205

https://a.tribalfusion.com/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 206

https://um.simpli.fi/gp_match?google_gid=CAESEBZ7X5a_ZBTkg3zz3eZi4Qg&google_cver=1&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1lTfd7AdpeOrWGLnDCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1lTfd7AdpeOrWGLnDCg

Request Chain 208

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvuoCLcwQjBWN6Fy2hefXs&google_cver=1&google_push=AXcoOmS2mMSTz9m0aPRnB5dop5b0WvhL1HTB4swi2WYZodGf5CH16iUE4uvNZhsZ-stxpgft3PkxuO3RnvJckwNj51EvhU9V0qPR4Nnu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

Request Chain 209

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELRdkmJWSzmaEU5J-ZYYu3E&google_cver=1&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsnDiZGUTh7q1pIGqI9jHZnOt2r HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELRdkmJWSzmaEU5J-ZYYu3E&google_cver=1&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsnDiZGUTh7q1pIGqI9jHZnOt2r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA2NTM1NDYwNzU4ODM1MjQxNA&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsnDiZGUTh7q1pIGqI9jHZnOt2r

Request Chain 210

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFeAbrPe3C63qrXqeB0NLi4&google_cver=1&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFeAbrPe3C63qrXqeB0NLi4&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo&google_hm=cURpRmMzQmlTR0ltNWg0RlA5U1E=

Request Chain 226

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cver=1&google_push=AXcoOmRYm8qvL7_Nd4kEfWNCwdfw0MsezsHDUMoAU8MC4ImEIaoRYLCLFPGYGFz9MVxWjy0Fwi1PkLFKY426e_Uoe5wZaFpH_a61J48 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cver=1&google_push=AXcoOmRYm8qvL7_Nd4kEfWNCwdfw0MsezsHDUMoAU8MC4ImEIaoRYLCLFPGYGFz9MVxWjy0Fwi1PkLFKY426e_Uoe5wZaFpH_a61J48

Request Chain 227

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-ucH_DlI_ArljOZSV5t6JaJCQvrUtpg9GVRPuVK5yCVejtjQSMtOF6JCDLueOvLKSAOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RCf1mWzg7eafGL2HwT8k0M&tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-ucH_DlI_ArljOZSV5t6JaJCQvrUtpg9GVRPuVK5yCVejtjQSMtOF6JCDLueOvLKSAOw

Request Chain 228

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEKAUgV0fDh5qNgyO4vD663s&google_cver=1&google_push=AXcoOmQbi_L8RX4LjToyojqhkU-vWamqu8V11CBzurzFTVzDk8X7Eyi-CfgJQZME2Zn3e6c5q4LV0HWe3VfKIac86Yi7oBBKnFwKxKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

Request Chain 230

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE1Npm8U1zE8VOvvYO2hgPI&google_cver=1&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK9jZcNNfI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK9jZcNNfI&google_hm=eS1YaWtXbzZwRTJwRmR1OUZHZzJiMkdka3ZYaHhzY1VZVH5B

Request Chain 231

https://d5p.de17a.com/cookies/google?google_gid=CAESEJVPKf_RSSVfQ9iXrYfPTSI&google_cver=1&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJVPKf_RSSVfQ9iXrYfPTSI&google_cver=1&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU

Request Chain 265

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIvKg4GKs4EDFY3UEQgdTLsKuA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218

Request Chain 274

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=6XmdhXw5RlgzNm00Q1MrY2k4NkF1UmJDbkJ0TUJTcHJ3OVFJM2Q3MjVhSkhYZkNUVWZQdEJOWk9YcjV5WDFwL0V3TUJKdUluWFk2VWVkZU9SdkpNSVpJb3JDYXE5WHM3UkFrODlpNHNaMjF6cWFPRmlxUUo3aVloamFpemM4TzJZNXpUV1Q5OWEzUlJBaWxobDZvVURXTlJkZkQ1RlRUTHFjVGx2dDZaRXBzbzVIeExJMjlZUHgrYzBtajlUK1kyQWJQbGttZm9ncTRRTHdNN1B1TWxwa2pBNk5IR280ZTc4L0xQd3lVK1RjRTV5NlJJeGRQd1paV0dCWkcvVUVoQ2JCV3pFfA&cppv=2

Request Chain 280

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3860276504035066066&gdpr=0&gdpr_consent=

Request Chain 281

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=cc3b3f9f24bfb520886cc1bee7b0952f&gdpr=0&gdpr_consent=0

Request Chain 284

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5065354607588352414&gdpr=0&gdpr_consent=

Request Chain 298

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

323 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request north-carolina-hospitals-data-breach.html Show response
securityaffairs.com/150949/cyber-crime/ 109 KB
25 KB 155ms
101ms Document
text/html 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5dd4cda9d21677b8cb1b55fd739ba6631465578bf4c5f6cbc368d7009f9876

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 80860b47b9b039e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 02:08:57 GMT
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/150949>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=150949>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7AXwLFPwCp9ezYctSARV525%2B891OapVOUh9M9ICk%2F0HZYDAeXt5BaRmClD4VhjjIF4gE0FJAkBDCrbCLUR%2BKZuRGSZunAHQaENH3I9WiQJ8Iw%2Ft9W4xIWgfD16ydBRPGtT3D7L4Xii9xUo6owEVT9sn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://securityaffairs.com/xmlrpc.php

GET
H2 200 style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 25ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=cc93dd60bf1bcc2ebb77dacd7f181ef3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 442360
cf-polished: origSize=112251
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:36:33 GMT
server: cloudflare
etag: W/"64d2c371-1b67b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuJmhh6KwfnjulRC8IM2YMZxuXgVmFyKknOTV6o7IARfxDxOl89j%2F1j%2FCkeam4JjHJcChftuMdY9%2BjxyCn4zz6HCXlUkGbjhXs3f8NckA2Qh2cg%2FN5VkINEa%2FAc0JVK8SAnTrrvl2oNuBfogJO5Od07h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a4b39e0-FRA
expires: Tue, 19 Sep 2023 23:16:17 GMT

GET
H2 200 view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 602 B
644 B 20ms
17ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436635
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:10 GMT
server: cloudflare
etag: W/"64f3a5de-25a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYL3kHWovZgqF9XGcQ6zkd8AALRui0%2F9syhoEUef7eHJ%2BSi0WCFhPNt9iT4FYLY5kG66lSHN%2Fv9jC73O6Sxj6g8plmMN1hEi2d3SE%2BUs1UVO0BVYZTkkU5SxH7%2B6LCClWYEj%2BCZ2vll2auOayQuHSMhx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a4e39e0-FRA
expires: Wed, 20 Sep 2023 00:51:42 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 11 KB
3 KB 23ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406279
etag: W/"5fd15e34-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AzaBGWOra7vmqwHhZsiZdsT5pJy%2FXxk5G19Ew3WFu94u9Hn0UzB3%2Bfx2zc8UVolN7LiXKyublqs72tV4ya9ETVY%2B4I%2F8NnGm%2B0fjIdiRUAWSMzmzKLEmpl6pEEwIPKTP4Ui61krq4f1ikOnyETDwqmi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a4f39e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Sep 2023 09:17:38 GMT

GET
H2 200 wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 4 KB
1 KB 20ms
18ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=cc93dd60bf1bcc2ebb77dacd7f181ef3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 442360
cf-polished: origSize=4960
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: cloudflare
etag: W/"5dcc9728-1360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr0jSd1u%2FOMDp0QqrnO6xuRw8LW%2FXCGQFIzXe7cGbx6hISHiFGjI8%2BTmQXnCgKQ5nZbMXalSPyuQ8sA%2FbGIl%2F6NLIZswztxEK1LXWi2GfWk4J0np2IKdURqZA7WWwWzI7HdeZkmgjncnYmi%2BbhD5MCFd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5039e0-FRA
expires: Tue, 19 Sep 2023 23:16:17 GMT

GET
H2 200 styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 21ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437667
cf-polished: origSize=2859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:37:50 GMT
server: cloudflare
etag: W/"64d2c3be-b2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F5FC2lJYojDSR90y4isKhfhOAqjPtPqqQC8eRnew60MoyYGWHTgcdF2%2BEPu48Ox5rZFOGnVBvPlzVTJNnUXLn8zs1IqYlwV5WxjFjeZsfZMynpwPox%2BkMLMXjpkl7BJxtjeKXnKYRgyEdrjgnnxSzW0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5239e0-FRA
expires: Wed, 20 Sep 2023 00:34:30 GMT

GET
H2 200 cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
994 B 27ms
24ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100132
cf-polished: origSize=3106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:07 GMT
server: cloudflare
etag: W/"64f3a5db-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRO9XzkFSUL5tiMwQraveUY%2FbM7VfB7U7OsMMVwQWnRRxrk5pIoB4W37usXC%2FlL2dZMhsxc9TP3VFUN03mL6rbPC1b1MnNT5D9XPE9vpBRthBwL2MyeyXzxDigRfFTan454PGkUdc55r53FCTRp9upka"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5439e0-FRA
expires: Sat, 23 Sep 2023 22:20:05 GMT

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 22 KB
4 KB 25ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100132
cf-polished: origSize=27249
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:07 GMT
server: cloudflare
etag: W/"64f3a5db-6a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhNEg9RqkxP9NSMu9wUPewpKg%2FQ3lhYVarEyy7T%2FRAlq7z9Ebc2%2FEdLLgIlCi8uCA00qnn4Q3pBHtqv64Ck%2BlKVsx1ODsMKgmedldt7comsSKVqvnIl6PXgDGC7yVLUsOXNbH%2BRtlHs73GFzpuQvZR42"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5539e0-FRA
expires: Sat, 23 Sep 2023 22:20:05 GMT

GET
H2 200 mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/ 0
354 B 22ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1690839156
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533384
cf-polished: origSize=26
alt-svc: h3=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 21:32:36 GMT
server: cloudflare
etag: "64c82874-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qvt56jwYyEf9VU6glFEp1WFiOExU59NQcAaObJQ5pJLZ8zlnz0Izgvfszhv6VXjnRUQ1o3J%2BxW2JckeXHsxR6eYOT6XHkwYqW917WdUv7qpBd%2FFLrclmaKUQUMqOW%2Bn%2Fs4fXs2i8sf1p3dy6MSNqhIO%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 80860b486a5639e0-FRA
expires: Mon, 18 Sep 2023 21:59:13 GMT

GET
H2 200 form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 2 KB
838 B 26ms
24ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.7
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100132
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:15 GMT
server: cloudflare
etag: W/"64f3a5e3-654"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMKy%2FbuIjY%2BK7bDhjQ3Dpm6pYdBZqAAEMNv7hpRUO%2F%2Fp17mkn6r6BzeOGI%2FqIwL%2BNjchG%2BrAxRolG%2FW5QADCp1d3ckkcuwYpZmRIb5oK6yONKyNfTsOWlZ6qXEr25dFZcKEuh2jcYDJceDdg1J7qPMtE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5739e0-FRA
expires: Sat, 23 Sep 2023 22:20:05 GMT

GET
H2 200 bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 152 KB
24 KB 34ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32349
etag: W/"63ec8df4-260c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3Jym7r8uzTLQlDvJtkyUF8araI5H1adNLf9I9HkY9I9%2BQne4oI0djIeFx5mLVZC%2BImY1huFOD6GJuzD843pBvNEhd4yZTcduOx%2BiTDnv2HcEfQiERBa5zYiZ4q1gs7zZHoT8Ja7BGVaj1cscBwEXz3M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b486a5839e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 30 KB
7 KB 31ms
29ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32349
cf-polished: origSize=31000
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:47:01 GMT
server: cloudflare
etag: W/"63ec8df5-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUOc4JozSzFcEVEVkp46wsIwMS3RtHTIdao7RjpUocoSi%2BF8SFnLVPopFQyfabfw7s9kKofy%2FW%2FSdjPZkGm7yhUyPs2lhGfZEiCMGf9m7WAy2bcm%2FRTlkmrJG2ePWCHX35UJ1Ig8pXzJc3dFSrbrvTyO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5a39e0-FRA
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 44 KB
4 KB 36ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32349
cf-polished: origSize=45516
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:47:00 GMT
server: cloudflare
etag: W/"63ec8df4-b1cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p85B20pJBjGIRpF7b8n9BzJog%2Bcvz%2BrUX88Kvr9smttZjxNmuf8MOcgpC4IrAbszFsjJib7NJ1Ks6rMFOS%2FGPNqDnFE6yiPhRYkvrXGpJRmorHQAhwtihGcnWStd2XiXd3vCvJZYKUlgnjfEoNYd8tiY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5b39e0-FRA
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 16 KB
3 KB 28ms
26ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:47:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32349
etag: W/"63ec8df5-3f88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRsvaWWn1%2FBuj6PtJ3o19ZYTe9q2r2wD%2FRxaiIsny6w5tZWdMNXsCST4gSk4r8yAVey8GOVB8XJ1D3eQK0JFRLaDtm9wTwCsnzOt0kFQvGBf1%2BGW0nL3XgEQRkYq0ABbUFBNPwvCxOZWG%2Fp6LBX3xxxb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5c39e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 5 KB
1 KB 28ms
27ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:47:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32349
etag: W/"63ec8df5-13c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrKaLYMkvkfC%2FH3za28Lv9%2Fi2paPKDMOvcbe27pCixzBDQZGd3z711nij7jbEPa%2FSSda9GC4J0l2jatiwSxjagxlFOhcZS5YYgsTEitZMR98k%2FarfB9vHqStSRmpKn7OIcZa6YBzlFeWNk6ByRpnS9Xj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5d39e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 style.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 62 KB
10 KB 46ms
44ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32349
cf-polished: origSize=63687
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Aug 2023 19:58:52 GMT
server: cloudflare
etag: W/"64dd2a7c-f8c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOk7wzxlRMjQO9dXyE7nS14UbNVS8OGcApn9jid%2FTCbivu8rlnWkIXppED94MhgANZ5Y%2BrJh%2BrbD9U0qpMUTuSX%2BgzXi17Y2oqqLaxaQXDS3FBvm87jwsyYjDMVoKfnZU8zxoYIiOiSZo2W%2BxJPujvSn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5e39e0-FRA
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/ 4 KB
1 KB 27ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32349
cf-polished: origSize=4922
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:45:55 GMT
server: cloudflare
etag: W/"63ec8db3-133a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxm4e6s1F1hxZ8wPQg8kkNjmx0mlBle0bDhHKtqn9rv4bvIpuxvZ3Gz%2BRtzxFlf0S8QVdRlmaddTmBzkN0W3cb0juTEilCiKLZPaUu9mvetsYtaYLS4M%2FIX6H5GZvQSl6Agqf1Qo3m5P2W5%2B3HPkOR5s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 80860b487a5f39e0-FRA
expires: Sun, 24 Sep 2023 17:09:48 GMT

GET
H2 200 jquery.js Show response
securityaffairs.com/wp-includes/js/jquery/ 138 KB
41 KB 47ms
45ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437667
cf-polished: origSize=285016
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:36:33 GMT
server: cloudflare
etag: W/"64d2c371-45958"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FomWoxm6%2BL%2FqRfbTciSRUS3levRBQGGk%2FNVfGNulXR%2FNqNwxJParZ0ZRru2ZQwsIf8w3ESybBlw6dQWWWtq9pLZbpn0%2BTVR35gOSUuQlE1PC%2BIgeWhEe4BvA0Jk%2BWXF4aj%2FBkTahD73oQSvUvYkCknmO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b487a6039e0-FRA
expires: Wed, 20 Sep 2023 00:34:30 GMT

GET
H2 200 jquery-migrate.js Show response
securityaffairs.com/wp-includes/js/jquery/ 19 KB
6 KB 39ms
37ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437667
cf-polished: origSize=31978
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:36:33 GMT
server: cloudflare
etag: W/"64d2c371-7cea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci5Da0jfxSHbtUgAbzm%2Fjf4EKMCdcm8IVMLWMn4cuvknFaRYaB4hb%2F81zYxNzLv5tekyVXv5iu2iLDsRwmIQc1NbwJJlTKpYbpQVjOiSaBYiLXtHGCRNxYALwaIN2NFsnHe9POTygfS7rlEiEDY0RfTF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b487a6139e0-FRA
expires: Wed, 20 Sep 2023 00:34:30 GMT

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 27 KB
7 KB 37ms
35ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100132
cf-polished: origSize=34179
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:07 GMT
server: cloudflare
etag: W/"64f3a5db-8583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDTz4sK13B%2Fmsl8vZ4vRd1%2BVYe4gYDUQwsncU%2BUjTCsYnDQ5dM5u%2FWCjD03lZ6R9zSwjTkYCRm4%2BsrkglLvvb1LtlnCJwm8wNDGgQF93Y9h13iTDq89X8zqnq3ejRvZHdtPa0%2BWz3xjGUPDzw9fd4lwq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b487a6239e0-FRA
expires: Sat, 23 Sep 2023 22:20:05 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 67ms
8ms Script
text/javascript 13.32.99.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-78.fra60.r.cloudfront.net

Software

Resource Hash

cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:05:08 GMT
content-encoding: gzip
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 229
etag: W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: EOHgOx2mOiC-rmpqKRLp8fLI_IeLdNUnFZdpTi7pfnqvQQWEQfTYYw==

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 74ms
15ms Script
text/javascript 13.32.99.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-78.fra60.r.cloudfront.net

Software

Resource Hash

cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:01:26 GMT
content-encoding: gzip
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 451
etag: W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: kNBrV0euwzx1tVEJkdr1w9XnXGaVj3t0saeO4B_LmBTngYbMgZ5IWg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
64 KB 44ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1863a0812efa345476852c35e9d879de57a439b26f90c85a87a808ff65098a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64636
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Sep 2023 02:08:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 82ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4b862137365ea654dc8793df971aea428ffb0195a3c6599bc26f70336b155d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50702
x-xss-protection: 0
server: cafe
etag: 14284371132275731307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f37b6e84d0ad819b50c8a4357a5d19a3ec8a051536348a45940581d5d5ed9d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 02:08:57 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 574 KB
147 KB 199ms
158ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f294eb188a59c61d3d3d6462cfb0b9c3e8559aaf4f95ab3fc9b010b4e1c20418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=587646
etag: W/"221a5a398da89ace8729d1cd3c481ec7 2023-09-11T22:19:40 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b497f071d9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 467 B
856 B 44ms
39ms Image
image/svg+xml 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 864628
etag: W/"63ec8dd3-1d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPJCOyjLHAtOS1%2FRHwzARBps2MHm%2FpbCbxjqPUyZJRzkC48BSa%2BzxzSKTOn3MD59hhJhR1VYIyv7frOS7b%2FBUYti%2FaP7XQz53cOOGtteuOFhh2Ol3Tupjl1zfzZHfNiUobDNriuEVY70d39mR2tJSw2l"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 80860b493bf39b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 5 KB
5 KB 19ms
14ms Image
image/png 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1852488
alt-svc: h3=":443"; ma=86400
content-length: 4751
last-modified: Sun, 27 Aug 2023 14:33:01 GMT
server: cloudflare
etag: "64eb5e9d-128f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvULfbf%2FDiph4BHy1cVU8%2FWXVWZkWuDw%2BY73H8uWnCseitWOt82OpbkyTzNecJpbBjxrFEtfpg0xPQjnAMpN0XJB1nrimNUMzXhhfEVIiknrxx%2F2eQsS3eDH86xJlaHbiKqBdcQYTmoJodZxw9J12ITk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bf49b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 987 B
1 KB 44ms
40ms Image
image/svg+xml 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1845936
etag: W/"63ec8dd5-3db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADC9VXcXxH8POw9CdxIDgFSEV8F5w6PoJscV%2F07RrmrHlaYYk4H7R4OjAjleyxy0lwqdpB8GP25Q4U%2Ff87cpPDs8%2BHlWv%2FSSChLBVt9s1NWG%2BjS87OZHmhcgOGsuQ5pPkYHYiDCW2WF2YVlnGrIMwmt3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 80860b493bf69b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 947 B
1 KB 45ms
40ms Image
image/svg+xml 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1845515
etag: W/"63ec8dd5-3b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0innHrMvAR4lvoolA%2FZH8vd1XrjgPxUSW1z%2Bud%2B%2F5TAvVdhrHYIW9%2BP3AdijTDKmNsPhhKqbtuXi4DWIsOu4qwkjgSJG2drvblfiAhLQCVCqSpoA7xWPtQ%2FZAPxkxt7%2F99abk9DDPuIEoT1y2HBVbzZ6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 80860b493bf79b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 healthcare-MedicalData-breach.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 13 KB
13 KB 35ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/healthcare-MedicalData-breach.jpg?fit=536%2C352&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

00c4e9d7157cd302842247ada28bef5091178553442a4cab71c8da9d15eccbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 18 Sep 2023 02:08:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Jul 2023 18:23:30 GMT
server: nginx
etag: "9828c38b15d2ae8a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2015/03/healthcare-MedicalData-breach.jpg>; rel="canonical"
content-length: 12904
expires: Sun, 06 Jul 2025 06:23:30 GMT

GET
H3 200 CardX-Logo.jpg
securityaffairs.com/wp-content/uploads/2023/09/ 25 KB
25 KB 45ms
40ms Image
image/jpeg 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/09/CardX-Logo.jpg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcbbda0fd2a4322ae70f177ea7cff22aa049fb82a61e49de39669b393cf672ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63920
alt-svc: h3=":443"; ma=86400
content-length: 25133
last-modified: Sun, 17 Sep 2023 08:21:27 GMT
server: cloudflare
etag: "6506b707-622d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2zCOTNzaoJrxk4ZoprGr2FU%2BQB%2FnnibjYd1sZPBUT5wKE%2Bl7Htcz8L8X7z3XZ3buFysPn2yg6G8n5A23f%2BoZgbpYWSbq89dTomVQWrTxLqD0OlOQurX3irvQl%2F5p4IUIff4yvv0tnOoqJmZC2iWdzXU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bf89b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 newsletter.png
securityaffairs.com/wp-content/uploads/2015/03/ 50 KB
50 KB 46ms
42ms Image
image/png 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1267fc6c8805b7f508e04bc8da776509420413adb25e197f12c9f9405c74ac6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1253883
alt-svc: h3=":443"; ma=86400
content-length: 51032
last-modified: Wed, 16 Dec 2015 11:53:22 GMT
server: cloudflare
etag: "567150b2-c758"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMq7XSuqicuPntjmN2g%2BrQwwioQ%2FuV4cjnLszASAI3EEf0R2jq90vBlYuvRSfOTKUcAamarXtxNp4OIDXf2WG1Rg5EYSzgc7J7F3jpA7hF3nho%2BJ2CMytMhGgtqZUf3OzzgLTsIrmG53M5%2Fl9X1lH7Ni"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bf99b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 healthcare-MedicalData-breach.jpg
securityaffairs.com/wp-content/uploads/2015/03/ 29 KB
29 KB 47ms
43ms Image
image/jpeg 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2015/03/healthcare-MedicalData-breach.jpg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43993db4451098683408e1ab4b6d21938a60291c146c15a379cabfc0c1cb38f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45584
alt-svc: h3=":443"; ma=86400
content-length: 29477
last-modified: Wed, 16 Dec 2015 11:48:23 GMT
server: cloudflare
etag: "56714f87-7325"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBH9gQEgA1FrO%2BOfBekGYgJUOMY7KJ%2BpSo7un5PAOgpPb7Udv9R1d1xQFRTOHmmMR4kehRt9h6recDStcC7LqWtn%2FBI0U1cRMfNQCYTFRT5J%2Bun9W7JFCPydsc3%2B8vFefBY0QnaDJJSJlPxHWGhoiBLs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bfa9b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tiktok-app.jpg
securityaffairs.com/wp-content/uploads/2020/01/ 27 KB
28 KB 52ms
48ms Image
image/jpeg 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2020/01/tiktok-app.jpg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e85f0ffb42614435980499c2a34ae6b797eeb46188fe9bf2992826d1b4f832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103482
alt-svc: h3=":443"; ma=86400
content-length: 28097
last-modified: Fri, 03 Jan 2020 15:23:56 GMT
server: cloudflare
etag: "5e0f5c8c-6dc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QFgkc7wwiaPBo%2FTNSIZaMKP%2BFmiI2jDWEAeJdXFHg4Q4slUVefREMChDdzjS%2BOQcm2EKrQU2tAQOmtSa8bjcinAXNCt2owCuvX6Bfu7ZF8utd%2B%2F4Cv2ydMIp9v%2FMYrSKH%2Fda9AttLpyt7qYEWMLBmcH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bfb9b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 DoJ.jpg
securityaffairs.com/wp-content/uploads/2015/03/ 51 KB
52 KB 52ms
48ms Image
image/jpeg 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2015/03/DoJ.jpg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698efec41dc5a5946ae4a26a456cad7646bb9cb56a479ee89b76160cccba142e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192117
alt-svc: h3=":443"; ma=86400
content-length: 52674
last-modified: Wed, 16 Dec 2015 11:43:09 GMT
server: cloudflare
etag: "56714e4d-cdc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLGtQgxuMY0kLJlHmnvGrSrSzdfx5LpFnEtqju6pKUSFHqQnXEV8Ph2WY2kTRvFZURKFLhxTDdjNJujjRbVJKVGKT3yAbECpIKBd%2FlU9vYn5qECtoU8YvysHEy9oOqxi8BPNleoKHnw9%2FX6EHPLPr7cC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bfc9b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 4 KB
4 KB 55ms
51ms Image
image/png 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1852488
alt-svc: h3=":443"; ma=86400
content-length: 3916
last-modified: Sun, 27 Aug 2023 14:33:08 GMT
server: cloudflare
etag: "64eb5ea4-f4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EINXzhrrQwj7hcIk%2FIEUo0uZvPpCPbjXA7vUOp4aWZQSzQb0Vnp8PwE2KvqtMxbF2%2Bd4LkFTgUuj7fK8pTlXbT1oUu%2BEywW82S4YasgXvXQ8jGrfZmK9s%2FVg1fEo9i7g1as1dVdPnUNMrhYddB4TormJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 80860b493bfd9b5d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6500883e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaKqxOKdS1BGAcmeq%2BquVzgRniztJJKO0y%2BUvj6xphdnN1IkViR5VUsrGcxV%2FDJ5QfbvmqysbTCKgZgMtUnxzvwMWLu8whtUaugvphYlmfIZimJN%2BGLNBac5BOHXp41K%2BY8Y%2B2gCLxF86cQzVrGCtkhM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80860b48fbbd9b5d-FRA
expires: Wed, 20 Sep 2023 02:08:57 GMT

GET
H3 200 image-cdn.js Show response
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
859 B 14ms
13ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437105
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Sep 2023 21:15:10 GMT
server: cloudflare
etag: W/"64f3a5de-2bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18GDS1yL4CR6ItNb%2FFogJZzPcguLURnd49yIH4Edi5VhqCBDfpK5CGgAx9Ph95LbhyLNqcbJ%2BmqEUDdX6NxzA6UkF3pEH12HzTqzSKMeqAtWIdDpkshKcYatvZeuqWz10xAhLjfB5qHtP4467nbpDNOv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b490bce9b5d-FRA
expires: Wed, 20 Sep 2023 00:43:52 GMT

GET
H3 200 index.js Show response
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:37:50 GMT
server: cloudflare
etag: W/"64d2c3be-2a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LersxBXbuxW1iaEXPgXJWLRgGqmjVVa%2Ffk9MfVpzhAAgZvxKyDPrXCMMk8Pow5HuJZs7lWKwN3Ab1HrCD5Lj%2Bq%2FKAP7xZ80L9D4Y7BdYFW8wPpti9Hu1ZcsNnVLmlmKhLl6GCPJQ%2BWoh%2FKyb%2B4B2kHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b490bcf9b5d-FRA
expires: Wed, 20 Sep 2023 00:21:45 GMT

GET
H3 200 index.js Show response
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 22:37:50 GMT
server: cloudflare
etag: W/"64d2c3be-328f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFr5fksUTGb65D6c1K9HsB98sl8kdO%2F8JAyVVXISaDTrLQBye6vI3rPSc8PYD30TjdaYY7IazuXozh%2FVnGXW0ALMXs9IM1I0EkliEN7%2FDmTlA5TufBYw6FAam0kwymjCcXXwoXd0N6EnMCak22rTduw%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b492be39b5d-FRA
expires: Wed, 20 Sep 2023 00:21:45 GMT

GET
H3 200 ssba.js Show response
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 20ms
13ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45035
cf-polished: origSize=3110
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 11 Jun 2023 12:32:52 GMT
server: cloudflare
etag: W/"6485bef4-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbHKv7avDf7AwqVedMtpfdDMMaCoiLGYjYwutD6I%2Fc5x9yw886SA%2B%2F2T%2Fn5GW5E9N%2FdF4sbr%2BccpgKjsLiLX4YwZ4I6yzma3%2F5kKV%2Ba5%2BELy9duAUlo86GDpIt%2Fp36H8%2B9eDBCrNWAFZyFsweGKTOYL9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493be89b5d-FRA
expires: Sun, 24 Sep 2023 13:38:22 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 87 KB
32 KB 25ms
18ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8dba-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLl5TI9IyfG6MRPT2w44WIcYdqIE9DxzTxQNcWw966sIQkkd%2BGXZa1WljhkaLS%2BqTsq%2F%2BF7qF64TG7mlb2JsBAsfp5KZcG3r5Urz31Qsow0hEn1shZFR9qnYM1jMk1osTkVv9569Y%2Fl8ZsSadli4DoDP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493be99b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 77 KB
23 KB 31ms
24ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8db9-13397"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf4YILYEKZavRN4Q6FJLC2MGVZiY%2FTyjHVyVioiZ5Z3s6DwfAgh%2FeKlSmQ2W8y8DMwse%2FnxkDbx4ZqwKat%2BVVxMk9ZlPP%2FwsEb9TZCQqyftdozOHGjOJXuOxZ4wLmDtjag4yNZteCTEFmYlIO21CbTyb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bea9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 animation.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 3 KB
2 KB 40ms
33ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32989
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:46:02 GMT
server: cloudflare
etag: W/"63ec8dba-b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCjPYrHbl2dE0l%2Bh7UK2PWR%2B71cxrZpBhswdB0mW6nbeV8Ra6u%2Fby1KKcqPIxEPr2gBTj614ywITest7qxhbHB3T%2FrsZryNbONKJPSw2ijZ4uy9UmB9QcsNu2ePj0uDpA2FgDcQwd1mIR2Q5PjzfEhX%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493beb9b5d-FRA
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 slick.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/slick/ 42 KB
11 KB 22ms
15ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:45:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8db3-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD0hYydLskKn9VpKI86d1S7eGS065ZvYvBqdB1oHTCAO2%2FjaVBcjjD%2Fas2GRS7doAYnomX07vY0Pnnz5O7ntkPvrX1TnemWshrY8xeHtTRXcSD6%2FBddjfLfsCm2fdpkZgDj5OHF9pP0VG8uO9QmhOg5i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bed9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 select2.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 71 KB
20 KB 41ms
34ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8db9-11dcb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnepZeJO2oVvK5Bkkd5W3yD8LtVEgfj8Y70TF2%2BkQYgYfXSLhy3eoInM9DlrvfpBB35h%2Fsp3JjzTN7sFUz09wJZ2Adqsad%2BClDekAOOjBtV7AHfvNLl%2BwBnSxCn5ECTCJLNBy155SSiBHf1NTeCjI3o7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bee9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 moment.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 33 KB
13 KB 41ms
35ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8dba-857b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf4Wx9f%2Bp0avsyFZ5GppxKz2rX8qdHbK4FGv3boRoHj%2FP1mIovB93VuC6C69tjS9ZYMtHSqx6Tq6UCNeNoMiULa1iW%2BZyNyPCoxUZ9nJI3Vuos2k32TjV42LC72HuwlsTR8k5lpzROG%2FrCzdkv%2FeXTPg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bef9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 bootstrap-datetimepicker.min.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 23 KB
7 KB 42ms
36ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32989
etag: W/"63ec8dba-5a28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhLijAMu0%2B3ICmbsFvPTCz5vl6hKWf2rGItZ8LLsbBbqke8rR2R%2FsEEBRt7IU8XtPU1cuB%2BlYf9ph%2Ff3b%2FZtFId2%2Bqt6xsA98TxtFSwgQuCd7spjxBspB92mT%2FF%2B%2Bx6jt3YZEywUiXpTdhtIfngCAQ%2Fx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bf09b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 script-datepicker.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 236 B
662 B 44ms
38ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32989
cf-polished: origSize=552
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:46:02 GMT
server: cloudflare
etag: W/"63ec8dba-228"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BldScA2n2TUfUEz%2FqHMuDYNfaBPkagZam5OQG6gHdfCc1gCm8oE35SzgVqwDzT5LM0uSNazfLExuaxmrAuMWpy%2BRryAamgyvurcxYh0mQggItbty5HuSuaXRNQiU2sAdZL73OplRDt9IMKCFfGVeDWPV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bf19b5d-FRA
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H3 200 script.js Show response
securityaffairs.com/wp-content/themes/security_affairs/js/ 4 KB
2 KB 44ms
38ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32989
cf-polished: origSize=6278
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 07:46:01 GMT
server: cloudflare
etag: W/"63ec8db9-1886"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd0ZBX1Qv49e9nWVYqMpbu%2BMyFuVvelPZngCfcxA4SSkU6USlJvoCkZVGp0S2UyEY%2FIh5TJ9EE8DE1BbSSA0BH2damHayMxnxCAKkpXcnU7P0VkejCDMI6FisB738wO6WfvENWfyFlqb9%2FKQ8dfYMZLB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b493bf29b5d-FRA
expires: Sun, 24 Sep 2023 16:59:08 GMT

GET
H2 200 e-202338.js Show response
stats.wp.com/ 7 KB
3 KB 61ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202338.js
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 16 Sep 2024 03:33:22 GMT

GET
BLOB 200
OK 97c1481c-762c-4826-8232-e1aaa2e7954d
https://securityaffairs.com/ 5 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityaffairs.com/97c1481c-762c-4826-8232-e1aaa2e7954d
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 5047
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 50ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 01:40:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 02:08:57 GMT

GET
H2 200 64b5cd2fd23b930012608ffb.js Show response
buttons-config.sharethis.com/js/ 927 B
1 KB 96ms
22ms Script
text/javascript 2600:9000:2111:9c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/64b5cd2fd23b930012608ffb.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2111:9c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
via: 1.1 ece983986e74e7e31b6830d8531f6fb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C1
age: 48
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 927
last-modified: Mon, 17 Jul 2023 23:22:28 GMT
server: AmazonS3
etag: "56f01d1dc4635d0cd55fc8c794bbe43b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: NajN1nbdcDWDFIYXKAVka2jce04QA89MSFXU5v9OsV_hccJ6Dz_vfQ==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 65ms
8ms XHR
text/plain 3.65.104.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Clop%20gang%20stolen%20data%20from%20major%20North%20Carolina%20hospitals&cms=unknown&publisher=64b5cd2fd23b930012608ffb&sop=true&version=st_sop.js&lang=en&description=Researchers%20at%20healthcare%20technology%20firm%C2%A0Nuance%20blame%20the%20Clop%20gang%20for%20a%20series%20of%20cyber%20thefts%20at%20major%20North%20Carolina%20hospitals.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.104.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-104-49.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 02:08:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 940 B
1 KB 54ms
52ms Image
image/svg+xml 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1852488
etag: W/"63ec8dd0-3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxRQif7IBLbxyTuwaSF1EcgfzF09xLzRdhQMake9wf%2BrZWwSWxSkarR7synJWLOMpWjy8EbYtWmN5Azqgc0AhhC9jsdvZsmBK82wbjfAjcNlDdTbZ8oDJGI%2FHjpBq9NL4DWdJM3NRVR79HZdklA%2FJ%2F0R"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 80860b493bfe9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 b-arrow.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 903 B
1 KB 51ms
51ms Image
image/svg+xml 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/b-arrow.svg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1843299
etag: W/"63ec8dd8-387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V61vtjG5Xps7ooFvtV%2Bd%2FHSE84qmh69GjQmf%2F%2BqhR9RGIMzSHU9JJ25m6A%2BE2qhRiXLt5eRacEYKKjFt0Hu2ybWpy5r0%2F3490bya0i6xLlar2qUd2iPAcG2I0uJe5CXlLus5ZpXZ6cDFxSwvzhtbG1vX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 80860b493bff9b5d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 287558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:16:19 GMT

GET
H3 200 fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/ 75 KB
76 KB 46ms
46ms Font
application/octet-stream 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 07:46:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6183
etag: "63ec8de8-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8Sp8nyUS6aKaiEJq4ycdbD6B5TA5Jnye%2BaKNFW69DYXDv4SvHxkFJDHYBagLeJ6uL%2FuYlKMfeby8G3vHsmW4cDh50m4RNJlsW17EEbpmKPE9DZIcEy5PCuOtsPFLGlT8uYnbUisPXrApr1b9IANZML%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80860b494c009b5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 13ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=150949&tz=0&srv=securityaffairs.com&j=1%3A12.5&host=securityaffairs.com&ref=&fcp=377&rand=0.035632447220567576
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Sep 2023 02:08:57 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 twemoji.js Show response
securityaffairs.com/wp-includes/js/ 17 KB
5 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/twemoji.js?ver=cc93dd60bf1bcc2ebb77dacd7f181ef3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444239
cf-polished: origSize=33089
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-8141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6bNQ6XOCPy%2FXy1KhBmZ%2BAFVkPLneL4%2FVBvvvuldcdIHoSZAxIpbSwNzMZB0sTNoKtEFCXGS8CJAjsAZS1je%2FQvuGVcP51WJ0a9MulWBpDrg%2F%2BOzWqIN0A1%2FAj%2F18T%2FUF6S4kHJTilCYGp1dv7E6YH2r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b4a2c8a9b5d-FRA
expires: Tue, 19 Sep 2023 22:44:58 GMT

GET
H3 200 wp-emoji.js Show response
securityaffairs.com/wp-includes/js/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=cc93dd60bf1bcc2ebb77dacd7f181ef3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444378
cf-polished: origSize=8969
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5QqejKCYFoiJRENGgAbAKOUNdN4pP%2FLnM%2Fvp%2BjHtllxVhS7u0FhqQIUHtQjZBpsBt0%2BFQuEm7RcSUaJ65OvtkpyDXx4bXyKNvh%2BeZCFIiCxQnLI8UPjzrHvBTjC%2BpRIBFgz%2FEQxBGoZpe5t0D4%2FgGyp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 80860b4a2c8c9b5d-FRA
expires: Tue, 19 Sep 2023 22:42:39 GMT

GET
H3 200 schema Show response
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/ 232 B
774 B 77ms
77ms Fetch
application/json 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/schema

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66JyMS2RtdNpq7gR%2BGVFORHECROcvKRMGdqp3iWU4IViAqS%2Fn%2BWYlM5LazflmdIeyf%2BGGf2PKz0bkPaD1OuhaqiFh19QcdjzTfr%2Bb0BvEorOJYrZhKDm4huNITGtbL0juLd11ySllr6VV5955Hg1ndvI"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 80860b4a3c8e9b5d-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Sep 2023 01:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1476
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Sep 2023 03:44:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c8695421c1204d8b46122d8a9d6ffedccc51613c08749d1c30e5c66a0721107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 02:08:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 37ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je39d0&_p=727432542&_gaz=1&gdid=dZTNiMT&cid=1216587265.1695002938&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695002937&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&dt=Clop%20gang%20stolen%20data%20from%20major%20North%20Carolina%20hospitals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 59ms
18ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1216587265.1695002938&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1216587265.1695002938&gtm=45je39d0&aip=1&z=1004098224

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 380 KB
129 KB 99ms
82ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f6bbaa4580eaeae5ed5ea7e121db05efb20eda01c160bb9342067b26fc8fd67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131915
x-xss-protection: 0
server: cafe
etag: 731667475364164471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame FE74 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:00:01 GMT
etag: 8554266389219770021
expires: Sun, 01 Oct 2023 21:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=727432542&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&ul=en-us&de=UTF-8&dt=Clop%20gang%20stolen%20data%20from%20major%20North%20Carolina%20hospitals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=807831919&gjid=339591041&cid=1216587265.1695002938&tid=UA-59069958-1&_gid=1794197621.1695002938&_r=1&gtm=457e39d0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1068452763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=45je39d0&_p=727432542&gdid=dZTNiMT&cid=1216587265.1695002938&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695002938&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&dt=Clop%20gang%20stolen%20data%20from%20major%20North%20Carolina%20hospitals&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 221a5a398da89ace8729d1cd3c481ec7.json Show response
services.vlitag.com/cli/ 42 B
366 B 182ms
162ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ed6e04dcbd1ec31b35946a82d309f567784d9c6fa612614997d21df9f3ef3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.com
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4b58f7692e-FRA
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
611 B 37ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a61f5b51ac3377754f2600b2ca6aea08c99f5659672782b0a829fd9da9e90407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72B0 603 B
218 B 73ms
72ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1694995738&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695002937995&bpp=3&bdt=331&idt=191&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4634220255263&frm=20&pv=2&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077327%2C31076994%2C21065725%2C31077705&oid=2&pvsid=3517249380039617&tmod=672292082&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 refill Show response
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/ 2 B
627 B 35ms
35ms Fetch
application/json 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/refill

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGC1LO%2FrXDgC2dhyvXBxoaL5uUCGjN2ZeI6c1a7ZH9mQWbSZ8QSQFWmTvclmEjbP1oxU%2FpZw4aEi92R1dh2gmT8hsIQo%2F7SoUf7O61ko5dBi3bqNwkiSU55llrnPgnWx2kbjoc0UxLp8kuVL%2BagRRi5V"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 80860b4c5dd09b5d-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94652e478f7e689cf19ad2b4ecdfccf26e3eab676045f595df52ece72affd4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12134
x-xss-protection: 0

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1694923390/ 13 B
280 B 14ms
13ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1694923390/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Sep 2023 13:26:48 GMT
server: cloudflare
age: 41800
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.com
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4c5985692e-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 221a5a398da89ace8729d1cd3c481ec7.json Show response
services.vlitag.com/obj/1694923390/ 38 KB
5 KB 15ms
15ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1694923390/221a5a398da89ace8729d1cd3c481ec7.json?cc=DE&hn=https://securityaffairs.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0edddc5a409a83391e9fb3e56e56a2e8ddf3fa3dad7d285f918e48a55b73b0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Sep 2023 05:56:28 GMT
server: cloudflare
age: 63426
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.com
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4c5986692e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/ 4 KB
2 KB 56ms
10ms Script
application/javascript 2600:9000:211e:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2ed80b537e658858b2ebe3ebb7a8ff5fdb21089766a68419c0fc28153daac66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:00 GMT
content-encoding: br
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 08:21:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 59
x-amz-server-side-encryption: AES256
etag: W/"80be8c66218699faf47d6f2ee2c359c1"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cTfnSyiFuDZttTeiXZc07cO2LJ6W4D7LHW9AllNWoYPv_aa0G2IhYg==

GET
H2 200 prebid-7.48.0.js Show response
assets.vlitag.com/prebid/default/ 561 KB
172 KB 44ms
25ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 08 May 2023 07:36:47 GMT
server: cloudflare
age: 1006771
cf-polished: origSize=575587
etag: W/"6458a68f-8c863"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 80860b4ca8d71d9c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 127ms
99ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5fb671755095969536af62838dd6e3293ace075afa4d66362ba2d3cc423160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29311
x-xss-protection: 0
server: cafe
etag: 239 / 19618 / 31077933 / config-hash: 14175700841114183422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:58 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 357 KB
123 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125468
x-xss-protection: 0
expires: Mon, 18 Sep 2023 02:08:58 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 40ms
21ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1006771
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 80860b4ca8d41d9c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 39ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:01:30 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:04:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 449
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: uZLoEtxlxD91GyJCzxH1-Q1QHq94AcCxj4bqmziOVlmy2s_jLn7opQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 02:08:58 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
8ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
date: Sun, 17 Sep 2023 06:35:46 GMT
x-amz-cf-pop: FRA2-C1
age: 70393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zrDU4OJeQxv5DDSEZ8HFT5lNqYc4BPC9r6ibaga_kdz61LNjMuHm2g==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 63ms
9ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Sep 2023 02:08:58 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 161 KB
42 KB 8ms
8ms Script
text/javascript 2600:9000:211e:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ba9e075b3935a6a603901677129638c4cf8e7daded10b0ef51f80f09c468461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:21:21 GMT
content-encoding: br
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Thu, 17 Aug 2023 13:12:06 GMT
server: AmazonS3
etag: W/"2bbccb42a0d3bc016132bcd035bc38c0"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: SD-dOU43Ge4rtP4XQQgc-pXw8tZ7TqrtsrRE7Do_hl49hdMxBTiqRg==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D75 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 22:32:47 GMT
expires: Mon, 16 Sep 2024 22:32:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1EF1 829 B
1 KB 41ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d4ef6f0bfc1cf4142d68db239b944bc06ffdf38435d3d4390f47e8c77812d03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FxJ-TF5ImbM6034Ckdv6dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-FxJ-TF5ImbM6034Ckdv6dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Mon, 18 Sep 2023 02:08:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/ 408 KB
129 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55805
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131705
x-xss-protection: 0
server: cafe
etag: 17641473086515647811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Sep 2024 10:38:53 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
802 B 47ms
7ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:18:36 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3022
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: ZDQXFX-w0DQfSk6TT-wtZtfyO2_FuIUZ1c_k1K7J6j4TalAtN0wwlA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 9ms
8ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:06:48 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 130
x-cache: Hit from cloudfront
access-control-allow-origin: https://securityaffairs.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: AI7yj1fVCCWgFHXOALTCwENICX3L6jNbTnw-VsLMEWcae6QFU3V4Ww==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 42ms
14ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230918

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baafe295a2c10f302c9cda8a96f98a2b73e6ead991a4663f4ae8014a6169df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36490
x-jsd-version: 1.0.1815
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"639-wLzRmTE9cdnpXmWaSNWKceG5tUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tctIeOPx6fPDRIiE3cLt2Id%2FSW4%2BnKYR1fabFWg7ePgM2OrC3lUNlWqIg1rbu2iee2BFEnIAqeUrHM2JyC1PHMB92gc2zDtWrLqp2D6lrahrUgL5Z%2F%2F7yjoX9eXer%2Bod0DDwhDoMDke3DGEmBJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80860b4dec9f4d64-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 106ms
43ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&pid=glSXH9qk9Q8Xu&cb=0&ws=1600x1200&v=23.829.1852&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: Y1P4ZHSCETFCPZZQETN0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oYxzFEI5gFQqm2avJEkW4C_5SiZPnvty-yhh55LzycIruKFnR0OpEg==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
267 B 187ms
149ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwyqqZryy-BKaT-PtrZ-qwrB-UqMZZTMAqZaZRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC7zh7zs7PAxO7aVNgMOBxql5oYal88ykUbjX3YuLoGNIEvmDAk1DDr0%2FIcSlzm0j%2FmgDEhtRPHzyCwiVPIiolqbQIMJ4Zrj8uXrdXnpdW2Eeeu427P1QWi8Vuir1PLmR2tLstmeWIaXSM8hXkD9cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8218e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
528 B 185ms
148ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKTYPAaPU-rMZt-PMee-aTat-MaBtrYwrKwTPRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gxxx2WLauwzgKeKD1QZyVHTyuPz51yoD4JIsYKoNviP5nCRV1e%2Bv0YUsWDSm43iJOBZaQ18CnPEOsqVCe%2Fly0wk42TkP6Q0mHONN%2BuMgQ%2B6gpZ64N0F1giHqJRAoeVWtJ3Qv%2FHBAin9NOK%2Fs6d2jWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8518e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 62ms
14ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 02:08:58 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Thu, 31 Aug 2023 12:44:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1516657
ETag: W/"f8af1a4095b4bc54b208ebf4d4dca750"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3Z6FwU2wCnRWfUcriwj3YoJDY%2B9daETG4Gw9j75IEqz0X0R3CwGtMTektGhcJKc7X63or9IYJjwQk%2FzPghO8uU7Jo61KK0vhmQoTsMF%2BRdfQ9Wr1%2Bxez4Z5cgKigUBpZSkaMk9hkLNj95Sb"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 80860b4e5c353719-FRA

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 950 B
2 KB 207ms
82ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 08c0f5d2f62e6ada7568f1438fb968a79908b6e7984960f8726f20c066500c6e

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
2 KB 234ms
110ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7b158091c908edeaaba6d8d030b68c5846827cd444e3783c61b1b8b4e5a38b2c

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 99ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 54ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
267 B 208ms
175ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80860b4e5ee1694b-FRA
access-control-allow-methods: POST, GET

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 41ms
9ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://securityaffairs.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
399 B 67ms
25ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 80860b4e6ba218db-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
278 B 65ms
14ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 165ms
150ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNZAUwyPaw-UZqt-PrPq-aPPB-APaeyrYYZyMtRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNldqkzqrltkctk,hxwdqzoe,gftzqu,qdbRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFpuG6BkuY1SdRegLUFoCyvH3EOP9tKsy77yjOn4t39%2BHHIgNQHxPKPuO9Znm961lpyFHavu16jEbePUGURvNugtB2hxoLmY8IwLoHpV%2BXu80sWvw5RmiXJDSutwfWGa9ULX2qTasxjU8eCaEpvs2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8618e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 166ms
150ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNYKBByrTr-UMTY-Patt-qwTA-yrqayMtPBUUwRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRwkjNTR_yszuNyqsltRkjmNUPAbPMARwlNldqkzqrltkctk,hxwdqzoe,qdbRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dY3NtzGj7OL0wMQm2TmHSYQHv%2FTLN7Nrgga5%2BOqMx6qDrzOwStE9p341MuosbmJEuiIYd93MosXHP6QHXF3HofQH6%2Fndd3zuVICatTFmzlZiQd9aL5oMCA%2BMwOapJduaI8bDPAM9anWeJgeh5%2Bxtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8918e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 164ms
149ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNPBBMPrKY-YtqU-PewU-wayU-wrZYyZYUUUYURlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRwkjNTR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNhxwdqzoe,hxwdqzoe,kzwigxlt,jxqfzxdrtb,gftzqu,qrquog,qdbRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwGnuJt4h2vUWvo6Xraa%2BcXhd7ttcXtf4%2FkRZ2qwpJyOFUvAOXYYETYF3Pzj94W3wVnp%2BHIZ5nlpgWezZPG7hRBQnt6V80R9ilzacOcXMhMDbRzYnP%2BELJILncyWaxlwiSshXqieRC7rIYJnDwdMfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8818e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 rules-p-pCNAReJk6bG2R.js Show response
rules.quantcount.com/ 160 B
634 B 54ms
6ms Script
application/javascript 2600:9000:2490:6600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-pCNAReJk6bG2R.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f76335e8788f66c0efc72c2d0db22496f8983e7ce66aaaa7c179f65fa08e5dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:45:07 GMT
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Mon, 11 Sep 2023 08:08:12 GMT
server: AmazonS3
etag: "6436459cd8f96c5ded3826f77d21a550"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1-XIjRi3eZtUR3vhP_cBBoMBlhpRaY26-snQ91YoLC6MRYqz5nfJOQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 70ms
44ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&pid=glSXH9qk9Q8Xu&cb=1&ws=1600x1200&v=23.829.1852&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: CS1QSQDZT0WVD08APVSG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dXyW_2XjUaxy0Ql99fo4pzh9lSFGlv6BJXLK75XCsMLBVU0bGKzjVA==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 154ms
153ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqeZyeYYA-TMrT-PTUe-MKMU-rAUarttUarwTRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mFsUeVDXDUk4KAfMS3GkjrjV0n8TPEFEXCPk7bQIGhCqAnFWh6jv3s5u4gmx%2BBhyjJ0NDJsGsXBAvk4hLT9rPALe7Z7sxQhLpAsYigObRB3wePyBHvHalB%2F7t3efuEPRhtZFANnrZLRozK6lSQITg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8a18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 152ms
151ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNArKMwYeq-TyAB-PrZZ-aeya-YrBTrUaZUMyZRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epxjqWjgAVj9VpkHNH3hTVeZUFK0OTvYf1572PqZPzJiIrxz67Ld9HDJO2RQRRxoUrpd4h57KUZvsJpo%2BZpM5LhNW23uYZYc5FrRKwfp%2B4YU3fKNFH976Hyxd4C6pbf9YPXhKEg4vEo4m54YRmWlTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e4d8c18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
157 B 53ms
22ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:57 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 240ms
231ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80860b4e5ee2694b-FRA
access-control-allow-methods: POST, GET

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 15ms
8ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://securityaffairs.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 28ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 52ms
23ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 148ms
142ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNAeAPqqMK-YPyw-PtyZ-Mytw-UytTKyAZKttMRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNTR_yszuNyqsltRkjmNaKAbaARwlNqdb,jxqfzxdrtb,kzwigxltRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OgqzMnnyj%2BSfc3HqhrznLfOMjNhTcY7raJQHKRIQvOhUHyZ%2B2u0ZN9G8EZbpBUawVjlvrT6Ye8bPC2TaVXh%2Fnth8kY%2B1fyVmgmuFHBAe0f%2BZtoo5PncCrx900kWqPrRLzZmWOOMxIJYBNUCc5VaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e5d9118e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
278 B 149ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNKBtyYaZe-aAYU-PUPq-wBAY-eTtrYBZwKYayRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNTR_yszuNyqsltRkjmNKYMbaARwlNqdb,jxqfzxdrtb,gftzqu,kzwigxlt,hxwdqzoe,hxwdqzoeRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxhrUbKHnHhFCheQrmqi41Zvn5M8YPkLdb%2FTUskpgvPLPQJz3kUgnXkhqRGT%2Ft9iepcr0QY%2Fcq%2FXKO1SZCHL%2BJOXnGBEg66H0zaK%2BvBX%2BxZx1PPyBAT62mL57oemFLnP1LlbRHPcyZgYauJ%2BfHGBmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e5d9218e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 53ms
48ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&pid=glSXH9qk9Q8Xu&cb=2&ws=1600x1200&v=23.829.1852&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: PG60DPP398B9K8TSTF6Y
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uRQntLSSc2LgCu4D32aro6CFcjFT4b475L4JIVskAXTAeBe63QM0fw==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 147ms
143ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBwtyATqe-ryew-PBwM-wrAA-aUTaeBABAMyyRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNTAKUUKRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K7im3941NDJiBCnMUgyhc1xWCkswtCy7DDPZKM0sAdA8sslNMA%2FhsnOtDL%2BAwLEShLxA%2BIZxsAPxXCa9ZutIMwmh2GTom1Nl1hR8CR3wZHEMCUufBlTE8j0YIDSmgd8YF43IGvZgI7FYeWrIHrT5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e6d9d18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 16ms
9ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://securityaffairs.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 41ms
34ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 250ms
244ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80860b4e7f03694b-FRA
access-control-allow-methods: POST, GET

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 19ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
218 B 36ms
31ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Mon, 18 Sep 2023 02:08:58 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107667_1
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 80860b4e7bab18db-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
2 KB 161ms
93ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 044ba816e2983deee83b6fcf204149c02261a0bd5b45b839f61f8cfb480ce553

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
131 B 30ms
26ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 149ms
146ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNaKPaqaeM-TrMr-PYKA-aUrK-wKZtPyPateyyRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRwkjNTR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNgftzqu,hxwdqzoe,hxwdqzoe,jxqfzxdrtb,kzwigxlt,qrquog,qdbRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqQue4U0cunpHtYbQvnolL2nNjdL1CKC43c2nALYx%2F0LdoiC3myGbaBfMLNOi%2BGVL5zpk%2BX8RnHSn1Pb7%2FLH2RSOzWV0WN4PyDBdypQ7wZucy2c153m8wpjwFSFJFt63EDuEMyz3nNQl0XFyHq5iVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e7daa18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
520 B 147ms
144ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNtPBUaYTZ-KMrw-PwKZ-aeqr-wrPMAUKwTrBURlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNgftzqu,hxwdqzoe,jxqfzxdrtb,ldqkzqrltkctk,qdbRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEI%2FE9OiI31isHzr3103fhjBuoI5X27JdVa60j6ZIC3WF6umZ2AdO7IXQAi5veBvrCadvYLi%2F6Egc%2BDng9i%2BwIK%2FAF2KlQ%2B%2FR%2FdDaLgc7sRmC65diwq8ROHk5rV2LL%2FOy6ALZsPbV3%2Bwk9d0%2Ba%2BYQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e7dab18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 46ms
45ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&pid=glSXH9qk9Q8Xu&cb=3&ws=1600x1200&v=23.829.1852&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493111310_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A111310%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: KZRCA4BJAE0D6BWTTJ7P
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 6embKLO5TDrBDyUXyw6aWnDHEMy1zCI2GAdSKDi8G1sbWixn1WJyJA==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
267 B 145ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPTqYwKaw-KrAq-PKPw-aqTa-BYwAZYeMwUeURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNTTTBTARleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qL7nZJqUKp9xuEcjoSNcyhyKYQGd2itEoOpYsmfEPCKbuT%2FUTSKxLiAKiwbuLL2F75Vzp5Dei4q82zKGklP5ytEnwEPNj2e3zFqUeD3LHoF619R1Qlvq808JRr6OKLLAr3AMmGh%2BK82GxRidOE0nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e8db118e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 230ms
229ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80860b4e8f0a694b-FRA
access-control-allow-methods: POST, GET

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 16ms
15ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 9ms
6ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://securityaffairs.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 54ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 17ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:08:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 152ms
149ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTTTBTARzdNaTaBMwqe-KMAt-PaqU-qwMB-TAByyeUtUqUaRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTTTBTA_TRwkjNTR_yszuNyqsltRkjmNaKAbaA,KYMbaA,PUMbUARwlNjxqfzxdrtb,qdb,gftzqu,hxwdqzoe,hxwdqzoe,hxwdqzoe,kzwigxltRleNplRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rrQqw%2FsZErUqHzIY6DPiyvq44hNo52MR1lX0hLOnoBqF4EgEmjDzJ%2FcmnI9KKAaBSu54SqA1edY%2F5FHDp1sf3SfosBekC4P3R1oUsP68FMaAEtuwyR673XdoROZv61Mho1%2B3CU%2FWv8SxCxp0VUCmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4e9db718e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1EF1 0
0 49ms
46ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=3517249380039617&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D75 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 19:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 19:09:04 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
436 B 58ms
14ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 80860b4f1d77bbc7-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 36ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 02:08:58 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 192579
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 31 Aug 2023 12:44:55 GMT
Server: cloudflare
ETag: W/"69d6e69258e345d4df1e72d8a9065e99"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4aum3O1EL5t7vRD9vxSlKmJ6hoVSMfbqqTrOrCsU5xm01X%2BMIzb84c4gmlN2ooM7hVXOMCsPf4dgyTKqkrHaz0mH8AcD%2B5jbrjKS%2BiY7iF%2FSWE8Jra52iNMdHfGTsbmtyrQapMk5yR8qGHw"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 80860b4eee2f9b49-FRA

GET
H2 200 pixel;r=560474651;source=choice;rf=0;a=p-pCNAReJk6bG2R;url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html;uht=2;fpan=1;fpa=P0-581957370-1695002...
pixel.quantserve.com/ 35 B
371 B 14ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=560474651;source=choice;rf=0;a=p-pCNAReJk6bG2R;url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html;uht=2;fpan=1;fpa=P0-581957370-1695002938588;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;us_privacy=1---;ref=;d=securityaffairs.com;dst=1;et=1695002938705;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.Clop%20gang%20stolen%20data%20from%20major%20North%20Carolina%20hospitals%2Cdescription.Researchers%20at%20healthcare%20technology%20firm%C2%A0Nuance%20blame%20the%20Clop%20gang%20for%20a%20serie%2Curl.https%3A%2F%2Fsecurityaffairs%252Ecom%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-bre%2Csite_name.Security%20Affairs%2Cimage.https%3A%2F%2Fsecurityaffairs%252Ecom%2Fwp-content%2Fuploads%2F2015%2F03%2Fhealthcare-MedicalData-br%2Cimage%3Awidth.536%2Cimage%3Aheight.352%2Cimage%3Atype.image%2Fjpeg;ses=623aa957-07fe-4fb1-b638-a94283d62f16;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D75 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BqaQtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
20 KB 228ms
228ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3517249380039617&correlator=1109989193463733&eid=31077933%2C31077707%2C31077232%2C21065725%2C31077705&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22655399017%2Csecurityaffairs.com_vli109421&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D75d5f07c0e4cf7e6-2245241be8e3002b%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MbkT3GaS-NxCHxJ7NKOAnmNXSd1oQ&gpic=UID%3D00000c781b64d90e%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MZUH1K2JWg7Phn1_3Dx4FOcgdKB_w&abxe=1&dt=1695002938847&lmt=1694995738&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=true&dlt=1695002937663&idt=1006&prev_scp=vli_adslot%3D109421%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_24493109421_banner%26pw_tagid%3D109421%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=4164568994&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64dd310e92d12e9cf0238bcbea0f0118bd9102a03f9c99d1a27e56395f5df8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 143ms
142ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZwqMAyqB-KBaU-PMYy-aUKT-YaABrYKZPtyyRdzNwqfftkRwlNcso_YKRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTAaPYTRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:58 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJxMDNDZJVL9iQTxjpZ34fgja4JtCsr2MQgj0Q2nNF1B%2FF5VTKOdQEJqZ40b4IdjmXvh6YSAwS1opKpTmfUUESqaPBrqx0KcB5mv3Yy9pCQ1g4HehPNbeXUMd50fHcxwkHiZPQ6F82KrxND8z%2FfYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b4fde6a18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 166E 6 KB
3 KB 79ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Tue, 17 Sep 2024 02:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/ 38 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl_page_level_ads.js?cb=31077933

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a32c40c10e475dc6255fc3dab367b6b5e62a2cadc958eb98c74b712ece3fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 10:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55794
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13650
x-xss-protection: 0
server: cafe
etag: 7772522360588555960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Sep 2024 10:39:04 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
18 KB 417ms
417ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3517249380039617&correlator=3033379382560201&eid=31077933%2C31077707%2C31077232%2C21065725%2C31077705&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22655399017%2Csecurityaffairs.com_vli111310&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D75d5f07c0e4cf7e6-2245241be8e3002b%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MbkT3GaS-NxCHxJ7NKOAnmNXSd1oQ&gpic=UID%3D00000c781b64d90e%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MZUH1K2JWg7Phn1_3Dx4FOcgdKB_w&abxe=1&dt=1695002938917&lmt=1694995738&adxs=315&adys=378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=true&dlt=1695002937663&idt=1006&prev_scp=vli_adslot%3D111310%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111310%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3444978212&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4b17a94485a9de7d0cf1174ea264afe26954fbf9c6119ffa31f000951455171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18643
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
533 B 141ms
141ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMPUTMYZw-KwMK-PUBZ-qwww-rUqtZYwKaPaURdzNwqfftkRwlNcso_YKRkjmNaKAbaA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNTTTBTARleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSKrc%2FDryODSXBdJhkKq3ILPJuyV0XtZX0aHpQl4jGlAqaDSOnHluOkvTZ7ijthhyutl7EheVd7WIvCQVFfRHiR2JoBJ7x4GXWZuuaxwKUOqjHi%2Fif5CtyIqa55IiEO0y4PdEvBejHuTRyHUw7cJTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b504cf3bbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
13 KB 294ms
293ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3517249380039617&correlator=1257636757461158&eid=31077933%2C31077707%2C31077232%2C21065725%2C31077705&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22655399017%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=4&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D75d5f07c0e4cf7e6-2245241be8e3002b%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MbkT3GaS-NxCHxJ7NKOAnmNXSd1oQ&gpic=UID%3D00000c781b64d90e%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MZUH1K2JWg7Phn1_3Dx4FOcgdKB_w&abxe=1&dt=1695002938930&lmt=1694995738&adxs=405&adys=1504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=true&dlt=1695002937663&idt=1006&prev_scp=vli_adslot%3D107667%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3211921739&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ad1a9926a8acbac38299ec08fbd6facc377ac2f1aec054fd37cc9001bd91c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13530
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
502 B 139ms
138ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKweZPKrK-AaqM-PZrw-aqqe-BKrZMYTBqaqeRdzNwqfftkRwlNcso_YKRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ndypk3wTQ9sB0oXQzq%2FeNw%2BWWuXF2OJloDjPGomicnAJXqi%2B2y%2F9%2FrhwUWz8q1p4QIfoLW1Yjl923ufZMQ5WlbyH7dMgZKiir9oQ4nq0YarSV5scX9wcoqnw%2BeNEicQBR5DOczVrs%2FAOz9MoZMq9zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b505cfdbbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 263ms
263ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3517249380039617&correlator=357505549761172&eid=31077933%2C31077707%2C31077232%2C21065725%2C31077705&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22655399017%2Csecurityaffairs.com_vli108383&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D75d5f07c0e4cf7e6-2245241be8e3002b%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MbkT3GaS-NxCHxJ7NKOAnmNXSd1oQ&gpic=UID%3D00000c781b64d90e%3AT%3D1695002938%3ART%3D1695002938%3AS%3DALNI_MZUH1K2JWg7Phn1_3Dx4FOcgdKB_w&abxe=1&dt=1695002939026&lmt=1694995739&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=true&dlt=1695002937663&idt=1006&prev_scp=vli_adslot%3D108383%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D108383%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2122448310&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5217ce0a0202b0b14813cae8d18628a47d4b9441cd7ecf89f8fbc8774c51b4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17483
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
500 B 142ms
142ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaqwqeePB-rYty-PqyK-MrTr-yZarrqPeAYTYRdzNwqfftkRwlNcso_YKRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTAMBMBRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SySL9Zp8z%2BDtABOgYajLl1D%2FoNDH3SPmLac39pplvw1K0USdFFqiijJOnUjabcB%2FfkccjsPNxuGMIrNJXaObqWaS1KPyNwwLcqFyeZ8N9om%2FUo%2FwQ68Hvrl4jBxzl6Y0BtQNwTsC3gc3YxhOPYuwiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b50fd4abbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C71 6 KB
3 KB 13ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Tue, 17 Sep 2024 02:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7C71 4 KB
767 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 01:24:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E9F3 2 KB
3 KB 71ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2291ebd49336a26942ce646542223b34f82be07fddd94b49a0e5bd7e47924df0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80860b51e9d0364a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:59 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame BC36 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 11:40:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1108 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Mon, 18 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame BC36 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:32:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BC36 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJ7VxtkKDHGSRKeo9DVN9wsQYQeE_tegbBSN5TrdPiCMZl7CKLpgOADsOCoqBK4NgvycwHftungMc1sLDQDNxe5ejRAw
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BC36 24 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Sep 2024 22:32:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC36 182 KB
57 KB 57ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 7C71 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 02:08:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1108
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15...

170 B
232 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15uDovUlLygCSExK77WwRGJKLp53tzrxpaCZ4PlK014Vx1mEVj6KdTN6tc

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-gfcd4f77#rel-ec2-master i-064d20a31ca5f1852@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEOW82C1RjmyKUufcFse2E9k&google_cver=1&google_push=AXcoOmRvywX-8PyKrgDoMErSXfvu7yExpmbMHnuqwyeHY15uDovUlLygCSExK77WwRGJKLp53tzrxpaCZ4PlK014Vx1mEVj6KdTN6tc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1108
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN1LqNOdFcGPDkelxu78Oy8&google_cver=1&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpHs8lv1Muz3PC-2MEs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpH...

170 B
232 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpHs8lv1Muz3PC-2MEs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 02:08:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmTqE3cTnX4AopxaJnY-UGTxdykjx6pY0H9JTwGx-aB8OcuXVyv-3DOp3dhoKnJfzv7a5ayelSCJawQnTpHs8lv1Muz3PC-2MEs
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 17 Sep 2023 02:08:59 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 1108 42 B
233 B 279ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEE-w44mQAMFE9CVY_gZaRB8&google_cver=1&google_push=AXcoOmQ7hpQg2fxL5n_ajkgfjgSFuG-yKTafAKDjJWq-S2WTCPdBjwmKITwe0OZFFx4YtG-cVsvlLrJFRNcc6yO13IvOFyurGYF4hTs
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1108
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECXXhRGQYow1bMerfYX7zDo&google_cver=1&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBKVVLC4G4Ir4ElbNinvRg

170 B
329 B

46ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBKVVLC4G4Ir4ElbNinvRg

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRkDI9dJPUY5gvpzJPusORK7yOzojfwyU7fYZn_YYKRM81JnIgT4sFV-JJJ0Sc8rIflqQLr5Sii5KBKVVLC4G4Ir4ElbNinvRg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 1108 42 B
233 B 279ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDGCuP7o9gxXrOev4nInDoE&google_cver=1&google_push=AXcoOmTWOWg6zuEnfS36D5jFo9DuiuM-Iap4L2u_4vmSD1hUwI-FO1KLfmgOEdXXS1vPgCzLFwmfRg9Cxg_oDez3mrmWLq-5fAzcKbX6
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 1108
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEIEcInIdYitNlVKG8Dib8FU&google_cver=1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6...
https://sync.gonet-ads.com/match/google?google_gid=CAESEIEcInIdYitNlVKG8Dib8FU&google_cver=1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=OTY0NWFiMjQ2ZTkzYmY1&google_push=AXcoOmTIEYa8kJ6HmOVYbADrVO3WgCzSc9KXqAkffybY1rQd72JENqANuRv9Gf5ClKFBhcpP_CTVJhpA0erwRovUtKa6l21cg...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=OTY0NWFiMjQ2ZTkzYmY1&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

89ms
7ms

Image
image/gif

2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:31:47 GMT
x-content-type-options: nosniff
age: 16632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 21:31:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1108
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAR_E20C6ybCV48PBE4KMSY&google_cver=1&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5k...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5kO33ltGCbCVhSMhL52q3JUAdpURpGL9SfYebwi

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5kO33ltGCbCVhSMhL52q3JUAdpURpGL9SfYebwi

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 241c326e.9ffc0c8
date: Mon, 18 Sep 2023 02:08:59 GMT
x-bytefaas-request-id: 20230918020859E8E7A8D0F3A8BB0BE365
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-84-216-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time: 97,184.84.216.219
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230918020859E8E7A8D0F3A8BB0BE365
x-cache-remote: TCP_MISS from a23-32-17-25.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTnm2Zp1Xc_-YEQIMkPNoLfz9fk3eN7jcGmCnCpINFJfzSCXJ6BYb1oRolXi5kO33ltGCbCVhSMhL52q3JUAdpURpGL9SfYebwi
x-bytefaas-execution-duration: 3.93
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 10,23.32.17.25
x-tt-trace-host: 01b62c302be944ad67bd2f5a9a4443318216082098c13bf8210d00da2ff8e18da764e16e04604ade0bec67112eb620e1275b21ab8d7bacc03e46eb4ab895e8e917aa983b1856138ee8d6442a82b9cf993992cd7dae6e0a0d4fea8a6ff9f7e096fde681e9998f62ca9ca6eb673572dac20b
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1108 0
139 B 52ms
14ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmV4vDYReYfi5zKtWYCGJ0wrgdZ5ymJOxdwzhPOgLiZxTiaCFC-_3aEPnHSdSh8rHs1OL0TWGS

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame E9F3 115 KB
14 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 836346
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDvdi187DH1vT523nqUuZ5tXkQn3%2BvpEOKJU38YQFAcv7nwYIOWSRmM0NE38QfXPLqslt1ZjOn5E%2Fec3jaixLBQTzHK1JeRfG4ruon900fTRwkMTqHUBo01vvA2KqZByGd4MoEVEE1A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 80860b526a1d364a-FRA
expires: Mon, 18 Sep 2023 03:08:59 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E9F3 25 KB
10 KB 35ms
16ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 466708
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHDP0Kma5sCtv0WhCmpRm0hBf2SkV34cQ8nR35%2BbXzf62RzzFUHFAG9bx4BtOBJoeKmHU1qGMXq9nmoS7LqlD04jHPGm5tppalQoEZlEhF7OgmsUerrgEajJti8MXqjruQvWq%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 80860b528a32364a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Sep 2023 16:30:21 GMT

GET
H3 200 container.html Show response
14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDB9 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Tue, 17 Sep 2024 02:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
500 B 148ms
148ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBZUUwKtZ-qAaa-PMBU-aAKe-ZeTZKeBMMtPARqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAKUUKRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsqvCgpOFo8ef6Azk4ZXqrdUHpMNXpOwQEGhfH%2FsmxFyFrD2zqh7GTinsA7DG4tYuBQe7tTWrFMqRMw9mzwvs8%2Fo9gJgMgF2qbZ7SSca0wt4%2FjbV3JvIKjaqysU%2BQ6Yo2G5aK6%2BuInhQmCxRkRyjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b529e2fbbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012308011702000/ Frame CDB9 222 KB
62 KB 96ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:25:32 GMT
age: 449007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62025
x-xss-protection: 0
server: sffe
etag: "2e9edf8f2a89282d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:25:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame CDB9 15 KB
5 KB 111ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:25:32 GMT
age: 449007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:25:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame CDB9 94 KB
28 KB 111ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:25:33 GMT
age: 449006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:25:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame CDB9 5 KB
2 KB 115ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:25:33 GMT
age: 449006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:25:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame CDB9 40 KB
13 KB 115ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:25:33 GMT
age: 449006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:25:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CDB9 6 KB
706 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:56:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDB9 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17382
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 18 Sep 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDB9 295 B
319 B 12ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17382
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 18 Sep 2023 21:19:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CDB9 0
0 19ms
16ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSif13R6DVArSfXiM9L_Xyq07jBoIYJp9MrDiDrQEzbERSccEOFKYi8VG8YfUG9e9lyJhAO-a5f_jNx8nRTa-HnhXO9ig
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 container.html Show response
14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFDB 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Tue, 17 Sep 2024 02:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
502 B 161ms
161ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPaaPUAKK-yYwt-PZUB-wraY-TZAtPqAAtqaZRqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAMBMBRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD6HWZJcGROycoHboE%2FMl6a42qkujKl%2FGqo2mNL%2FgtVuAoKfAVugUePjHtnycADjiylPyXrYuETA0HprOyY2xNBZ9G25FJTUEQ181iZXagZbr%2FMSZOJcQIdjJDlQubsg%2FPVjXFhXt%2FlkLnbaS9cZRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b52de51bbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5C0E 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1932557
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 80860b5309b12c5b-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 18 Sep 2023 02:08:59 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoUc6nn%2BGng0RHiTiWN9D7BQmvBWa%2BHz9TFT7B4FHLdDttKMo4BI1jYp71rjMt1Fhuwhl9odoS8SjUghUyb2zKtcckrwTrE2sY2Kaa4VSqKrS4mWCMZynVLMwV3K5cNpFo4q8n8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/4383093901405558191/ Frame CDB9 37 KB
37 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4383093901405558191/2076313506083323656

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fdfb4459ca9aba0bb76eeeba7eee15f7d7dc85404580378744ebc0ec0d0765f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 23:14:48 GMT
x-content-type-options: nosniff
age: 528851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38096
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 22:08:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 23:14:48 GMT

GET
DATA 200
OK truncated
/ Frame CDB9 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5de578ea18822efd63588f900aa9331d06efcd006d155c9b1a20172f80057be7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CDB9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c13325772681b56bd807194656700c0225c1a9d9b61d20bbda9b738f12cfe7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDB9 15 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 368216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDB9 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 126656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 14:58:03 GMT

GET
H2 200 rtgban Show response
rtgcloudsql.2trk.info/ Frame 523E 5 KB
4 KB 77ms
35ms Document
text/html 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30c41da786d69a91e49c8c81e0a7ddcf39c95a20a68fb1e12fdcb8bbe1cf181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80860b5368153a80-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Sep 2023 02:08:59 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: unsafe-url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekBlkH%2FgHl89EHxN%2F99pmitZbqNHq%2FiH1DxVqs67pH%2FW%2F74QOVy4f7KIsBCdx%2Fkx0NRIah19FIcKUkl5bbz0VqIkgczO5Ckx651SM3IcBglbXRgHsJ5qjbsklvUwlVcxQAv9UgEGzebO7bmOIOiec9NSnRI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame EFDB 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 11:40:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6895 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Mon, 18 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame EFDB 20 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:32:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EFDB 0
0 18ms
15ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtqU4gNAxBTUqX2kAi6_9Bdnq4bRLgzPcyRrk6oaklgc-u_vzhyLImngRGcWt994Hcyl282mnJgshDcxy-64bAK1CHbQ
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EFDB 24 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Sep 2024 22:32:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFDB 182 KB
57 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
H3 200 container.html Show response
14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06F0 6 KB
3 KB 13ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:58 GMT
expires: Tue, 17 Sep 2024 02:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
500 B 154ms
152ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAewZyMMy-BwKr-PeAA-qwtB-tqAaqqarZAeYRqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTBTARleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNcqsorRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ui1fkkB9vpUHj5Vomz6QkfDHq85HIKHjqwL4IfzW0%2BWiNpI1j7VsjVcQ0vW6YIVlYpO4ZjDj4F%2BCkMBbsTJAK3BCB3%2BfNwLFLmjkkKFiW7mY2PzpOXJJTA67BZQCLi80TNnifXPtjFJ24JxTs8SkwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b533e96bbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6895
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWR...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZy...

43 B
418 B

184ms
165ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80860b555913047e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 796
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECD83gW0qqY2zd5_Ug0ftDA&google_cver=1&google_push=AXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFT15FqNWzy279L8O6NWaJbuNqHMJxR4_ZVueNEHUnbUbwwPxn9jl-0YCkKAXhfhtzJQiZWBfqHn2bQhPN43IviKJAtZyWRIld%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80860b53e847047e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6895
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBZ7X5a_ZBTkg3zz3eZi4Qg&google_cver=1&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1lTfd7AdpeOrWGLnDCg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1l...

170 B
188 B

23ms
22ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1lTfd7AdpeOrWGLnDCg

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 02:08:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0F1438C428843C98A65ECE83020B3FE&google_push=AXcoOmRqXqi6SDfaKaFcwq3ReI0_4FJvXoOxjsoFQp9JUbfyWePun7eJkzmF7X_CBDxbjNZ8ouP6KHRr_JYFI1lTfd7AdpeOrWGLnDCg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 17 Sep 2023 02:08:59 GMT

GET gcm
a.c.appier.net/ Frame 6895 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6895
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvuoCLcwQjBWN6Fy2hefXs&google_cver=1&google_push=AXcoOmS2mMSTz9m0aPRnB5dop5b0WvhL1HTB4swi2WYZodGf5CH16iUE4uvNZhsZ-stxpgft3PkxuO3RnvJckwNj51EvhU9V0...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

170 B
188 B

27ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6895
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELRdkmJWSzmaEU5J-ZYYu3E&google_cver=1&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsn...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELRdkmJWSzmaEU5J-ZYYu3E&google_cver=1&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA2NTM1NDYwNzU4ODM1MjQxNA&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQU...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA2NTM1NDYwNzU4ODM1MjQxNA&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsnDiZGUTh7q1pIGqI9jHZnOt2r

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA2NTM1NDYwNzU4ODM1MjQxNA&google_push=AXcoOmRA8K-UvV--L0AZHUGfZdugr_7t-Mmwggc1Zu5Z2KV6aq02VAW1QYbfXUdcGV1vj03eFGlMQUsnDiZGUTh7q1pIGqI9jHZnOt2r
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6895
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFeAbrPe3C63qrXqeB0NLi4&google_cver=1&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFeAbrPe3C63qrXqeB0NLi4&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo&google_hm=cURpRmMzQmlTR0ltN...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo&google_hm=cURpRmMzQmlTR0ltNWg0RlA5U1E=

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:59 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQIGT1i62CnEF9wMU8sRYMONlMl8D3YayadYM_OL1-ShMVQZPcL9LUYqRV0TzwlXCxwruAgZUL915ca4QyL3HscgPMPdhL_jmo&google_hm=cURpRmMzQmlTR0ltNWg0RlA5U1E=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 6895 42 B
233 B 132ms
102ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAF3okOHSAsRFCy08RZGTwc&google_cver=1&google_push=AXcoOmS6ttSBm5jFsuXu0ESEJ3mxz6lmnwd6jJZDQCJDZRjfXx_bgpV4J6-h919S9YwrUhXNc_2xr1f69FSRPLIvobpAT02PUaDroc3F
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6895 0
12 B 29ms
29ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ksbbqri8Vf0pvQMXBqjd_uErCyCe7A_zNbLEAPdkDkjBmgDdt1KZYiPnuXsXIMgOJF9AWi

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rtgban Show response
rtgcloudsql.2trk.info/ Frame 0DE0 30 KB
6 KB 163ms
153ms Document
text/html 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3632e832cf7505fab2bd8707c79de38e4dc9371bbc019e863a461d65e73b6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80860b53b8493a80-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Sep 2023 02:08:59 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: unsafe-url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWv3BLf6MyvRh8qU4vwn5ERDlA0WFzwJ16jFPO2kebtecQRfjirHqIGOEZE8kMgr50tBKDRqADe0V%2BiKPYUPzwL0iXlqwY%2B1AKGOstlXLZJWxCEG%2B6ACnXPxv5JuiHzZHVafg2nL6fmCKoQm1eIx%2BEmO5W8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame CEF1 3 KB
1 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 11:40:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD7E 1 KB
643 B 27ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Mon, 18 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame CEF1 20 KB
8 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:32:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEF1 0
0 38ms
23ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv4xsnbwam8kA4lioBdZtRicGCSkCVFIBxlUs4BzunXFnJv1LbOHQDzwbSI7dQQrE3VR7RVh_b9Dn5Qac0YLY7f7Rckg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CEF1 24 KB
6 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Sep 2024 22:32:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEF1 182 KB
57 KB 35ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 02:08:59 GMT

GET
DATA 200
OK truncated
/ Frame EFDB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0a85005d98b37a27bb7c3636c1b8dd0da2c5fa5dfcd801bc21a8b245731c3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=3517249380039617&bg=!U1ClUB_NAAbP3fMH7907ADQBe5WfOJLxA9uNUB75cGz0TRduCb1U38zcPtLOaIRdZJN8vTdz8QDKF11XamPmHS5G112pAgAAAJ9SAAAAB2gBB5kDDyQ546KBB0CpE4TC3VGq-Z-P7gT-2CYKXXNERDef16Nfw2MQbb6ssM127WfYmLGa7I88ZglyERtk0mopZ0JQTh4j5FkVkrIlGT3KbqXHZeibWJNG96ZsGCUEv87ezl2yUxk40f39xTjxNqo4mudIyRPGjt_c2vIeqyRu69KezcUWQHcqaGWnT0PQatBfn3gKJjigT3Gz7jcHBciGkBb3iAk8NC4-BbbVwnmiFbaOhJepM-yDiu9cqn0gvAGSCf9zSZeTdVVR_GZTwiVD1FxAj_utgASNm3Eotf_SpXycrMS7F25U55JzUPKJckutkMQ-P6AWriQx4Wef5tB3l3Z1QrUmoekJg7Dsga6quUJu4xBmAHXLKg3Dc8DUH0R3FJgZy6OpGp4lz-_XCT60HgnIx8WrfE0Q4c69pJExgYjTDjViYE3HOeee2Wt0i707KW7pnYk5mXMiqHm1MMR5PBzN_klywsK29pwFV45HkA81hvHH_UfRb_o4-Aihr7VWDwetDA18DqLP2gQH1jRJwhTB8VkLji8J8j6N-Pip7YYrIDVRQ-JWYRrdJOM_6k-6U1lzGhBTn1cyyjijQo2kZS2p8BiVP9VYH-hhaFYtIzM743u4dhj_isOQ-MSq-EPr-by4FSgSrFhEdZF9ShGefJ0cVqvDOk-KgXZ5eeh5U95_1cmJK278_zHiNdnlC7xLXdKJZzsU5l0Ib9s2KEnxfJm6LvKC5dQdiTVRQ3GXv_KJLPrhu9QOqi2phgDiHNbRvID3e7-cp6ZA-F-LIYtOhXGy80uXv0ISjWtbbJHWdQ4lnttf2yGGm4pidSsKa-w_fRBMUt6sQFEPkX73gFLQBL7DWj94PknztZYi3GkNzoCnof65CHNE2CGxSIjh0LNfm5UaFMmUqg0ZAkljLbrK284-wilNWHh4YaWY4VQfN3y1B4qN5kcxaz1ovgBxAjG-JQs6o3khnjCygQQ6jUAG4wP5v5ZyA-xQ7W4Gxiq0bpXYTha-CJsd6C5MMv31NMOq4N9aqh5_u8ErfO_zy2jl2UqQfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 2022-11-24-093838781728.jpg
cdn.2trk.info/rtgbannerimage/ Frame 523E 17 KB
17 KB 50ms
28ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgbannerimage/2022-11-24-093838781728.jpg
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a73ebff796388cdfb31534f8892dd3f90f09a1c6bb114a71a23a5acf31dbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83240
x-guploader-uploadid: ADPycduQL9-j36VVJ0zC_xjnRVQou589AI6-nnmlNR4zsLkmyTKAcDNURCdSIjk6plf7tkgpq4OV-xK_6IRRuVebG3kCHQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 16996
last-modified: Thu, 24 Nov 2022 09:38:38 GMT
server: cloudflare
etag: "bb04e38b0627e585fc24350f0b326cc6"
vary: Accept-Encoding
x-goog-generation: 1669282718852611
content-type: image/jpeg
x-goog-hash: crc32c=i4Zyww==, md5=uwTjiwYn5YX8JDUPCzJsxg==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7jSfyqTIzMa6zfwXw7j%2ByoTX2fNthRQhxsyRKp6hXBxjXbBYIM8Dj35l9O3lDI4xudZ3TvMQc9n45kWtFZZubGUGQ%2Be4vkcmIYrNKscI116pFnCfbEn4Fp9dobSFgYSX0qIfAg%2F1MOGBDwC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 16996
accept-ranges: bytes
cf-ray: 80860b54288b3a80-FRA
expires: Sun, 17 Sep 2023 03:43:36 GMT

GET
H2 200 nai_smallpreciso.png
cdn.2trk.info/rtgstat/adchoice-links/ Frame 523E 183 B
862 B 48ms
27ms Image
image/png 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgstat/adchoice-links/nai_smallpreciso.png
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d9446b589f06289e3a2f62cd749f76b571c6acc63ec6e1e93710854017c6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85047
x-guploader-uploadid: ADPycdvYT8m22WpO8clyxzcrRebnhsr5jtXtnuS-hxkfKbaGnmi_0MuwPlAdLsnsObB0BYD_bcKSmCUGxaKa0oDo-MQFfQDshhq5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 183
last-modified: Fri, 11 Nov 2022 09:21:37 GMT
server: cloudflare
etag: "fe4bdf0f314b68757f2ee5c63edd4c2d"
vary: Accept-Encoding
x-goog-generation: 1668158497416006
content-type: image/png
x-goog-hash: crc32c=8Q7Kmw==, md5=/kvfDzFLaHV/LuXGPt1MLQ==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lznLQynkAFRTlgU1t2gv9uo4Hwo6kwhyFH9L2D4GgUJ1yaixXZRofn%2BWwbCrIkoyB%2FsH%2B7Ay2wSqwtuRh3vC14YAXCi2QVJ1uzi0jGoRpqyGdsK8B6deHopJgXerokcoPTxYNEemXhFUBl%2BT"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 183
accept-ranges: bytes
cf-ray: 80860b54288a3a80-FRA
expires: Sun, 17 Sep 2023 03:31:32 GMT

GET
H3 200 nai_bigpreciso.png
cdn.2trk.info/rtgstat/adchoice-links/ Frame 523E 2 KB
2 KB 18ms
15ms Image
image/png 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgstat/adchoice-links/nai_bigpreciso.png
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b4e0ead046aaf8bf5ccbfc2cacb1034484502f3edef69134a060f49edda834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=62898::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUibO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOYCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57OQKnGt_TLyrZkcUxynfYhUH4KQeljMzpzHSY__K4lafYj_MG_XOqzW-uAEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qaEnzKvZGamdtHppL3ADAxrM_mw%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjI4OTgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC41IiwicHJvZ3JhbU5hbWUiOiJwZWNfYW5rX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMS4yMjA1MTY4NkUtNCIsInJlbUFnQnVkQ2FwIjoiMTYyOC4yMjEyIiwidmlzaWJpbGl0eSI6IkJFTE9XX1RIRV9GT0xEIiwiaW50ZXJzdGl0aWFsIjoiZmFsc2UiLCJEYWlseUJ1ZGdldCI6IjQwIiwiZGVhbFR5cGUiOiJPQSIsIkZyZXF1ZW5jeWNhcCI6IjUiLCJhciI6Ik5BIiwiY3BtTWljcm9zIjoiMCIsInBsYXRmb3JtT3MiOiJXaW5kb3dzIiwiZXgiOiJwZHgiLCJhZFNsb3RSYW5rNSI6Ijk5MiIsImRvbWFpbiI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIiwibG9nSSI6IiBJMToxLjAsSTI6MS4wLEk1OjEuMCxJNjoxLjAsSTc6MS4wIiwibWFpbmFkQ29uc2VudFN0YXR1cyI6ImZhbHNlIiwibG9nUiI6IiBSMToxMDAsUjI6MTAwMCxSNTo5OTIsUjZzOjAuMCxSNmM6MC4wLFI2c0I6MC4wLFI2Y0I6MC4wLFI3YTowIiwicmVnaW9uIjoiZXVyb3BlLXdlc3Q0LWIiLCJkZXZpY2UiOiJwYyIsImRldmlkIjoiMCIsInZpZXdhYmlsaXR5IjoiOTgiLCJpc0NvbnNlbnROZWVkZWQiOiJmYWxzZSIsImluQXBwIjoiZmFsc2UiLCJjYW1wYWlnbmlkIjoiNjI4OTgiLCJlbnZpcm9ubWVudFR5cGUiOiJXZWIiLCJiaWRwcmljZSI6IjAuNDAwMDAwMDA1OTYwNDY0NSIsImJrIjoiMCIsIlVzZXJTdHJhdGVneUlkIjoiIiwiYmlkaWQiOiIwYTc3ZjQ5Yi02NjYzLTBmNTYtNTdmOS04MDc4NWM4NzgyZjQiLCJnZW8iOiJERVUiLCJzdWJpZCI6IlRTK2QrcGR4K3QrZHYrZCszK3QrU1QrZCsyNSt1Kyt0K1NaK2QrNzI4K3QrQkkrZCsxNTQ2Njg4NDE2MDQrdCtESStkKyIsImNpdHlOYW1lIjoiMDgzNTkiLCJob3VyIjoiMiIsInppcFBvc3RhbENvZGUiOiIwODM1OSIsImJpZFNpZ25hdHVyZSI6ImIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OSIsImJ0bSI6IjE2OTUwMDI5MzkxMzciLCJhdWN0aW9uVHlwZSI6IkZJUlNUX1BSSUNFIiwiYmlkRmxvb3IiOiIwLjAxIiwiY2MiOiIwIiwiZmlyc3RDb29raWUiOiIiLCJiYW5kd2lkdGgiOiJudWxsIiwiZGVhbElEIjoiMCIsImFnZW5jeWlkIjoiMTAyODAyIiwicmFuazZDIjoiMC4wIiwiY2FtcGFpZ25TZXR0aW5ncyI6IntcImN0eVwiOlwiMFwiLFwibGFwXCI6XCIwXCIsXCJpYXNcIjpcIjBcIixcImxycFwiOlwiMFwiLFwicDhcIjpcIjBcIixcInNhXCI6XCIwXCIsXCJzYlwiOlwiMFwiLFwic2NcIjpcIjBcIixcInBiclwiOlwiMFwifSIsInJhbmsxIjoiMTAwIiwicHVibGlzaGVySUQiOiIxIiwicmFuazIiOiIxMDAwIiwicGQiOiIwIiwiYXVkaWVuY2VNYXRjaCI6Im5vY29va2llIiwid2lkdGgiOiI3MjgiLCJhZFNsb3RLZXkiOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEIiwiY2F0ZWdvcnkiOiJbXSIsInJhbms1IjoiMS4wIiwibWFpbkFkVXNlcklEIjoiQ0FFU0VOdFUtRy1HLVotLVMtekpua1EtVWI4In0%3D%253Bdurl155%3D::scm0=bid_~CM.62898~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=b1463043-2950-473c-a2cd-b37d7a24b169::bamt=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw::ppid=::btm=1695002939138::mid=CAESENtU-G-G-Z--S-zJnkQ-Ub8::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=344253390::dT=OA::mode=ifrme::devid=3::r1=100::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85046
x-guploader-uploadid: ADPycdvGorl_7jl_yWum-LBWwnuA6YZkzcDhAJK5XJgDPsxTBYhTHlJydy16AhokNxBZ_teyGQLaDgW2ZgDjEUBiAiKrqGkYNP71
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1710
last-modified: Fri, 11 Nov 2022 09:21:34 GMT
server: cloudflare
etag: "a4f2dc3f5b82a3cdcf7d575429449177"
vary: Accept-Encoding
x-goog-generation: 1668158493969522
content-type: image/png
x-goog-hash: crc32c=xZG4mQ==, md5=pPLcP1uCo83PfVdUKUSRdw==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8NkBwRpoTaFJpHBv0TBXm9Un5m%2FYdw%2BGZvr%2BKtAOOOsrQ%2F5psYb0nI1lYRQkpob2zAuwf4UCpuoNsewsnTAb%2Bo5fSkbHpRXq7KoM17TJELyWIdnvoGdx3EQ5LA7BoepGbJy4EF6odHKnPkE"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1710
accept-ranges: bytes
cf-ray: 80860b545fa84d4f-FRA
expires: Sun, 17 Sep 2023 03:31:33 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012308011702000/ 23 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1be18754145da605cce6985feda4a79f16c787ceb2697c1579060add9209e960

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:11:21 GMT
age: 449858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7807
x-xss-protection: 0
server: sffe
etag: "d60cf90f3b0a4cff"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:11:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD7E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cver=1&google_push=AXcoOmRYm8qvL7_Nd4kEfWNCwdfw0MsezsHDUMoAU8MC4Im...

170 B
188 B

19ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cver=1&google_push=AXcoOmRYm8qvL7_Nd4kEfWNCwdfw0MsezsHDUMoAU8MC4ImEIaoRYLCLFPGYGFz9MVxWjy0Fwi1PkLFKY426e_Uoe5wZaFpH_a61J48

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-gfcd4f77#rel-ec2-master i-0ffeeb422acf41c0b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUVSeEYyNDQxUUkzSDU1&google_gid=CAESEKbvYcJaBwUGpCtNtqaXUOo&google_cver=1&google_push=AXcoOmRYm8qvL7_Nd4kEfWNCwdfw0MsezsHDUMoAU8MC4ImEIaoRYLCLFPGYGFz9MVxWjy0Fwi1PkLFKY426e_Uoe5wZaFpH_a61J48
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD7E
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-ucH_DlI_ArljOZSV5t6JaJCQvrUtpg9GVRPuVK5yCVejtjQSMtOF...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RCf1mWzg7eafGL2HwT8k0M&tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-u...

170 B
188 B

22ms
20ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RCf1mWzg7eafGL2HwT8k0M&tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-ucH_DlI_ArljOZSV5t6JaJCQvrUtpg9GVRPuVK5yCVejtjQSMtOF6JCDLueOvLKSAOw

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/2.0 odnd
date: Mon, 18 Sep 2023 02:09:00 GMT
last-modified: Wed, 06 Sep 2023 23:22:40 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RCf1mWzg7eafGL2HwT8k0M&tap=gAds&google_gid=CAESEMryYoTTM0Wa1-f8SVXYNfU&google_cver=1&google_push=AXcoOmSUHCECsuEK4znb-0lPdmGQHIC427-ucH_DlI_ArljOZSV5t6JaJCQvrUtpg9GVRPuVK5yCVejtjQSMtOF6JCDLueOvLKSAOw
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD7E
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEKAUgV0fDh5qNgyO4vD663s&google_cver=1&google_push=AXcoOmQbi_L8RX4LjToyojqhkU-vWamqu8V11CBzurzFTVzDk8X7Eyi-CfgJQZME2Zn3e6c5q4LV0HWe3VfKIac86Yi7oBBKn...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=828903303852
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame AD7E 43 B
146 B 80ms
7ms Image
image/gif 3.76.65.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIl4ozXIMSODHAWN4RQk1hU&google_cver=1&google_push=AXcoOmR4OPJIhGSmsdL7HDwDSf6EN0RoZPG7AS9DqQ2UnLfPLdQdOtSwuwVT-zti9XIgRxTHdEldKPt_88gTt6BQ1Pm7gZVEe8IxSeA
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.65.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD7E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE1Npm8U1zE8VOvvYO2hgPI&google_cver=1&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK9jZcNNfI&google_hm=eS1YaWtXbzZwRTJwRmR...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK9jZcNNfI&google_hm=eS1YaWtXbzZwRTJwRmR1OUZHZzJiMkdka3ZYaHhzY1VZVH5B

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 02:08:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTMJ8IsXU9AHGVyQom7_geGktOKdJa5cKst1y40mVChoE0fApsjH3NosxzI20byFTRE3cRPSqfI6Ez5zR9GSOIpbHK9jZcNNfI&google_hm=eS1YaWtXbzZwRTJwRmR1OUZHZzJiMkdka3ZYaHhzY1VZVH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD7E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJVPKf_RSSVfQ9iXrYfPTSI&google_cver=1&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsL...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJVPKf_RSSVfQ9iXrYfPTSI&google_cver=1&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-t...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIwaYDywKHiNr2o5VCHNhNvysfndyur4YVMhNN9gU9RFfsQoeyOelUkfd7Ndae-beX4qgo_zO1j7XeW96rTd4-tsLWIQ54wnU
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame AD7E 42 B
233 B 90ms
85ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBh7YdqG2oxJNalA3gmuSzc&google_cver=1&google_push=AXcoOmTLFbuvpSs7BtlIIAn46Cv_mZRKCHyn5sqqYArMHKw_LnBKztjltG0zj3pxu4eZuakoegWeukoFBN-qztHnpI1obBP29geJeQU
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:08:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD7E 0
12 B 25ms
20ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHcJ5B2E0mzc35ty7CF2sZ3aR9Nvx_WMcKe-6cDAEMY3cCskigVEYiHj1CmGJvumZusb-3

Requested by

Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDB9 2 KB
2 KB 20ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17382
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 18 Sep 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDB9 295 B
319 B 20ms
16ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17382
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 18 Sep 2023 21:19:17 GMT

GET
H3 200 logico-three.css
cdn.2trk.info/rtgstat/50version/css/ Frame 0DE0 5 KB
2 KB 28ms
23ms Stylesheet
text/css 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2trk.info/rtgstat/50version/css/logico-three.css
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a6642d424fc3a9fbaaae2188f62b790e0e0f7b032a79c83b144a107259ad71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1614573307
age: 85004
cf-polished: origSize=7058
x-guploader-uploadid: ADPycdtxEXUrux-cc8dNAqL3xVT3lqzSVZaWKF5eZkTMJptyJm586LzNCgoOSS0XPxWJxu93ly-ouN9SQUvd_0zX1Z7-gg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 Mar 2021 15:27:21 GMT
server: cloudflare
etag: W/"631f2b9bb97d482a52a68d4f2af0198c"
vary: Accept-Encoding
x-goog-generation: 1615217241628066
content-language: en
content-type: text/css
x-goog-hash: crc32c=M5Nhtw==, md5=Yx8rm7l9SCpSpo1PKvAZjA==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qualpEB7OCmE0bSSmT8sS6ETf1qMd6dl8Dea5cGbgNki0am%2F8fKgTN4xlDz5V0Z8HstzUxr0r7VsMSx9J7z83lwsd%2FY3MBxq2RPD9ooPhmRkW6L9XuntVcgkRIgew1kprQhOj2r5mu2OMutD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 7058
cf-ray: 80860b54f80a4d4f-FRA
expires: Sun, 17 Sep 2023 03:32:10 GMT

GET
H3 200 slider.css
cdn.2trk.info/rtgstat/50version/css/ Frame 0DE0 3 KB
2 KB 26ms
23ms Stylesheet
text/css 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2trk.info/rtgstat/50version/css/slider.css
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd81c7f97ea09b046d04e85f4c71fd72acf741ce71b2b51191259cb62e105b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1616399347
age: 85026
x-guploader-uploadid: ADPycdtkalkaE98X26WrQsK4P8NDBm8uiO9xs8yTAKLhDme4YKzBWGlMEvREEuZ0Sxj_SzRUn7chY46hErHgEj0wb2Zymw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Mar 2021 07:54:19 GMT
server: cloudflare
etag: W/"ebfdb99e8e4dcfde3349e6f196d2f103"
vary: Accept-Encoding
x-goog-generation: 1616399659219770
content-language: en
content-type: text/css
x-goog-hash: crc32c=caigCg==, md5=6/25no5Nz94zSebxltLxAw==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fmysu1ox3XF9pjzlX%2FVQeuj5BuARymdZJxv%2F9uRX0CN0F8JCxQctjxEqzRC2upT1ybPAEwDLt%2BVxSNfPLaf70Cqu6KFHfxaT2LgeTMPKMxcXcmjflVNpOHqHqCL4uxe3RVJvqGMYaaii%2BznO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2791
cf-ray: 80860b54f80b4d4f-FRA
expires: Sun, 17 Sep 2023 03:31:36 GMT

GET
H3 200 promo.css
cdn.2trk.info/rtgstat/50version/css/ Frame 0DE0 16 KB
3 KB 27ms
23ms Stylesheet
text/css 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2trk.info/rtgstat/50version/css/promo.css
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a5fe5d03c3f0603d6fb4cfda187a29e2e7128e01a17ac1f3d23d97bea90d4a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1614573308
age: 85026
x-guploader-uploadid: ADPycds8o22hFCNeciwyRC9bu0lVP1vYND-v8Nqg8bjG4fIjuYgIgbwGj8gsZLX15jeGap6R3kvW-pasDZkA2bwIow4743co3eT3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 Mar 2021 15:27:21 GMT
server: cloudflare
etag: W/"2e1efbc903a08ca509c496f6995ef991"
vary: Accept-Encoding
x-goog-generation: 1615217241660981
content-language: en
content-type: text/css
x-goog-hash: crc32c=pf8SrA==, md5=Lh77yQOgjKUJxJb2mV75kQ==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAPSUtb3gYaJauuDeNxeh179IDnMbaj6xnpu0UgSbxUpNcdmAniqO%2BrOb2KWZ77SIq1tgFkkf260rKzts6QGjKQynrDa52CJ5lNFeOvAKGM3IK0I2%2F%2FOUF5CMol9SuqpH6JuGg4FfRfR4BHd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 16686
cf-ray: 80860b54f80c4d4f-FRA
expires: Sun, 17 Sep 2023 03:31:36 GMT

GET
H3 200 jquery.min.js Show response
cdn.2trk.info/rtgstat/script/ Frame 0DE0 93 KB
34 KB 35ms
32ms Script
application/javascript 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2trk.info/rtgstat/script/jquery.min.js
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c27f54b1b1e4d2eeff5afc0a4ac422ebc29d10fcc356da9ce567f926cf177d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1614362051
age: 85026
x-guploader-uploadid: ADPycdu2YleeDbh3YY_qKLuzaAgiobz9XCJnVZUSqpQiwzDOKZrhlSjCdxx7y2BbJ5g2Kx6gyRZGiDIknI4d0RqWfI1TIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Mar 2021 15:27:45 GMT
server: cloudflare
etag: W/"1747449f5bac2c068a524ee343d790fe"
vary: Accept-Encoding
x-goog-generation: 1615217265438256
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=DanJGA==, md5=F0dEn1usLAaKUk7jQ9eQ/g==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlzGuhHhSqOy6JL9Pao7mUWPBLxI3alDY2sq%2B20%2F4TXdUtrJRvwYLORg3Ha3R5bSd3b7NViQdB7AjCULbal7qkBDNXnVJWac8v2Mz6ferc0MTONH8AihjkwqBgcXQqOCSJfj96g2wm%2FM0MFw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 94789
cf-ray: 80860b54f80d4d4f-FRA
expires: Sun, 17 Sep 2023 03:31:53 GMT

GET
H3 200 slider.js Show response
cdn.2trk.info/rtgstat/50version/js/ Frame 0DE0 23 KB
7 KB 27ms
23ms Script
application/javascript 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2trk.info/rtgstat/50version/js/slider.js
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc2428c22ee3bc362ec4423baad407259a89f564dce35a3a3352c6190655651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1614573315
age: 85026
x-guploader-uploadid: ADPycdtm6WJL0g4qylQtTTVJpqjARWNIMrWPi_UZK9pGqSmOKX9WxQRupXwsrAOs3Gw0R_8rrWh0mHfSvH0OVicUtHQjk8_9Z5QY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 Mar 2021 15:27:22 GMT
server: cloudflare
etag: W/"311ca6022249bba7df100863c8bccba5"
vary: Accept-Encoding
x-goog-generation: 1615217241983409
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=SCRuaw==, md5=MRymAiJJu6ffEAhjyLzLpQ==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb1JxLSgeZVc9vcA2hO2VwKxr3%2F5XRqlpymBLanyAYQc8whBSZc8xE1gP9ePxSIPlGwKvuoVzywpNVgmm%2BnOka54W91n6xWOnhHR%2BWvzyT7nn6Y9viVHOnmFjR1xuSN8cuq8WiAcisUT0Q3n"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 23523
cf-ray: 80860b54f80e4d4f-FRA
expires: Sun, 17 Sep 2023 03:31:36 GMT

GET
H3 200 2023-07-14-115147082eufy.jpg
cdn.2trk.info/rtgbannerimage/ Frame 0DE0 5 KB
5 KB 20ms
16ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgbannerimage/2023-07-14-115147082eufy.jpg
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59df4689b19613d21bc2f968f177faa970cc315a56212b60783e3ab0a967d3fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48303
x-guploader-uploadid: ADPycdvVsLNa8s2bhMv22AjIwct-rgmeVj237l4Qc8m8I_v4AijaFc2yC9Mv1wXjsWzWN2dAWAVRD4mFmdT7kZBTmXhM4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 4797
last-modified: Fri, 14 Jul 2023 11:51:47 GMT
server: cloudflare
etag: "e0954380e0bc9e132d4da01731fc8e0d"
vary: Accept-Encoding
x-goog-generation: 1689335507164372
content-type: image/jpeg
x-goog-hash: crc32c=ktOrSQ==, md5=4JVDgOC8nhMtTaAXMfyODQ==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DDMi39qYdijghrY3v5h%2BfG11FPpTwemCi2x2jC01Kn5RVmXHG46uWE%2BbBGXhQhb2WuMaOmhkHdahJGq7hFATh1o%2Fyjc1YfuXi5ZHt%2BV28w2Xw50s9U7JqPOTRGLj0%2BlKJAcBBWFiZU3j5dy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 4797
accept-ranges: bytes
cf-ray: 80860b5588694d4f-FRA
expires: Sun, 17 Sep 2023 13:43:56 GMT

GET
H2 200 imageresize
rtgcdn.2trk.info/ Frame 0DE0 12 KB
13 KB 46ms
25ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtgcdn.2trk.info/imageresize?url=width=336::height=336::imgurl=https%253A%252F%252Fcdn.shopify.com%252Fs%252Ffiles%252F1%252F1924%252F1075%252Fproducts%252F1_1_ff761568-7085-47cc-8dab-555de87eba85.jpg%253Fv%253D1677468437::campaignId=63978

Requested by

Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c05aee0b1b05d6df48e6aca8567812ffa8de271170295a00c21a51edd9d3f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

default-img: no
date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmZ9usn7pVFGcIHSx97MpK2LVPeRJKmJK8nGEM34x3xCvrxyQ0N2nYCbegdlS69g1Pk5XajAz%2BigGrQWp14kpzIxln0s2uKDAqOcFcDJWn8vvp8oZfmmxfQeY0IvFeVelKyFrSbDqID7X3m7ffy7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800, public
cf-ray: 80860b55a9513a80-FRA
expires: 604800

GET
H2 200 imageresize
rtgcdn.2trk.info/ Frame 0DE0 11 KB
11 KB 36ms
27ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtgcdn.2trk.info/imageresize?url=width=336::height=336::imgurl=https%253A%252F%252Fcdn.shopify.com%252Fs%252Ffiles%252F1%252F1924%252F1075%252Fproducts%252F61wmTk6JupL._AC_SL1500.jpg%253Fv%253D1677468501::campaignId=63978

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050cd4a7c748cdcf9b098f031e911271757f008419f6d558dce33acde4f5a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

default-img: no
date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSvehmVuRz%2BZ98tpH2q68psbCi3lBJa7ezdG7gru4iCyiqgHlwsntuzExCzy0i9yGtbMYVWPtlZx7MooTi%2Fv0fP4NgoAFOjNUGlSbWA7Mik8k0yNIcivrs%2Fm8ZLxFHIxLX%2B2KSWjKWRD%2BH3M7YPK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800, public
cf-ray: 80860b55a9523a80-FRA
expires: 604800

GET
H2 200 imageresize
rtgcdn.2trk.info/ Frame 0DE0 22 KB
22 KB 39ms
32ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtgcdn.2trk.info/imageresize?url=width=336::height=336::imgurl=https%253A%252F%252Fcdn.shopify.com%252Fs%252Ffiles%252F1%252F1924%252F1075%252Fproducts%252F71ydEwm3UbL._AC_SX679.jpg%253Fv%253D1677569131::campaignId=63978

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d7dbb75b12cca2026893b42ff1984e628252a3be73b60810af31df79b6106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

default-img: no
date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06IBlf4uqqMe9ZtObDRJU%2Baly8A%2FEwsXnRhayuiWYcYKvblJQ9J3%2BVt415fv6jEOYSMIpZa6G%2Blob2YRw%2Be3UnABHMbuTw9VtCm1fgPbd4vvxACNsXt6FznylKJglwZr%2BVXxCxD7TwPPsZcU6dzf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800, public
cf-ray: 80860b55a95a3a80-FRA
expires: 604800

GET
H2 200 imageresize
rtgcdn.2trk.info/ Frame 0DE0 8 KB
8 KB 36ms
28ms Image
image/jpeg 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtgcdn.2trk.info/imageresize?url=width=336::height=336::imgurl=https%253A%252F%252Fcdn.shopify.com%252Fs%252Ffiles%252F1%252F1924%252F1075%252Fproducts%252FMobBundleC-360_360.jpg%253Fv%253D1677468531::campaignId=63978

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78ed81e5abede628c4f16785d6fea534dfe0d74b3fa00b3e09eba4c826c54599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

default-img: no
date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFzhX2FT%2BZHG8MjAYU5Ssl4zzXfR7RgKURNxD3iuZBwrdeFMUsYO0GHV3Rr8hezbP6bXLdH%2FbO8uFy4MZ8CRWRfBwQ3vXY1Cag%2Fu104jfZOj0n%2FvroPLua4Zz0CrV25xD6P%2BUnABVZ1nbtLMsJzr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800, public
cf-ray: 80860b55a9533a80-FRA
expires: 604800

GET
H3 200 nai_smallpreciso.png
cdn.2trk.info/rtgstat/adchoice-links/ Frame 0DE0 183 B
971 B 17ms
16ms Image
image/png 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgstat/adchoice-links/nai_smallpreciso.png
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d9446b589f06289e3a2f62cd749f76b571c6acc63ec6e1e93710854017c6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85046
x-guploader-uploadid: ADPycdu3WH5Qdx5R0ACUN0uASX9MzCaFc2v6Db1InI_BCJGzrQwGXC2c4Aaolfuvi_rF8Dt5sm6mLA9VA1AdvByucLgYZg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 183
last-modified: Fri, 11 Nov 2022 09:21:37 GMT
server: cloudflare
etag: "fe4bdf0f314b68757f2ee5c63edd4c2d"
vary: Accept-Encoding
x-goog-generation: 1668158497416006
content-type: image/png
x-goog-hash: crc32c=8Q7Kmw==, md5=/kvfDzFLaHV/LuXGPt1MLQ==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHohp0COEjfQjGKzqKalRtzqMJJtudI1jQYQ7RD%2FUWrczImhMORbZWkL38rLXp6rBNufgPPu6OvA1HLxiZEEh1H4sEk%2FQ%2BrKNyPBEMsrvM7Pvpkf1zEddtC6%2FPEjeUmtDkLJdrq7ZvD25aCA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 183
accept-ranges: bytes
cf-ray: 80860b5598794d4f-FRA
expires: Sun, 17 Sep 2023 03:31:31 GMT

GET
H3 200 nai_bigpreciso.png
cdn.2trk.info/rtgstat/adchoice-links/ Frame 0DE0 2 KB
2 KB 14ms
14ms Image
image/png 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2trk.info/rtgstat/adchoice-links/nai_bigpreciso.png
Requested by: Host: rtgcloudsql.2trk.info
URL: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b4e0ead046aaf8bf5ccbfc2cacb1034484502f3edef69134a060f49edda834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtgcloudsql.2trk.info/rtgban?bannerparam=size=728::cmpId=63978::bmpclickURL=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD7PTOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOACT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxUXl_cPrV4hb7WQGzgVdSRT9aKciBaHS2IZ2TlvUVn2w0r7yp3l8r6siOAEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rU2Es4JaLTNEKCewE0n8MznQfLg%26client%3Dca-pub-3784779432172338%26adurl%3Dhttps%3A%2F%2Fban.2trk.info%2Fclick%3FrequiredParams%3DeyJyYW5rN0EiOiIwIiwiYmFubmVyVHlwZSI6ImJhbm5lciIsImNyaXRlcmlhSWQiOiI5MDQyNjgyIiwidHkiOiIwIiwiZXh0cmFzS2V5IjoiNDdfNjM5NzgtNzI4IiwicGxhdGZvcm1Ccm93c2VyIjoiQ2hyb21lIiwibWluQmlkVG9XaW4iOiIwIiwibWluYmlkIjoiMC4yNSIsInByb2dyYW1OYW1lIjoiZHJfZXVmX2RlIiwiaG9zdCI6InByZWNpc28iLCJyYW5rNlMiOiIwLjAiLCJwbGFjZW1lbnRCdW5kbGVOYW1lIjoic2VjdXJpdHlhZmZhaXJzLmNvbSIsImRheSI6IjIwMjMtMDktMTgiLCJQYWdlVHlwZSI6ImdlbmVyaWMiLCJoZWlnaHQiOiI5MCIsImVjcGEiOiIwIiwiY3RyIjoiMi42MzM2NTgzRS00IiwicmVtQWdCdWRDYXAiOiIzMTkuNzA4MSIsInZpc2liaWxpdHkiOiJBQk9WRV9USEVfRk9MRCIsImludGVyc3RpdGlhbCI6ImZhbHNlIiwiRGFpbHlCdWRnZXQiOiIxMS45NCIsImRlYWxUeXBlIjoiT0EiLCJGcmVxdWVuY3ljYXAiOiI3IiwiYXIiOiJOQSIsImNwbU1pY3JvcyI6IjAiLCJwbGF0Zm9ybU9zIjoiV2luZG93cyIsImV4IjoicGR4IiwiYWRTbG90UmFuazUiOiI5ODgiLCJkb21haW4iOiJodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCIsImxvZ0kiOiIgSTE6MS4wLEkyOjEuMCxJNToxLjAsSTY6MS4wLEk3OjEuMCIsIm1haW5hZENvbnNlbnRTdGF0dXMiOiJmYWxzZSIsImxvZ1IiOiIgUjE6MTAwLFIyOjEwMDAsUjU6OTg4LFI2czowLjAsUjZjOjAuMCxSNnNCOjAuMCxSNmNCOjAuMCxSN2E6MCIsInJlZ2lvbiI6ImV1cm9wZS13ZXN0NC1iIiwiZGV2aWNlIjoicGMiLCJkZXZpZCI6IjAiLCJ2aWV3YWJpbGl0eSI6Ijg4IiwiaXNDb25zZW50TmVlZGVkIjoiZmFsc2UiLCJpbkFwcCI6ImZhbHNlIiwiY2FtcGFpZ25pZCI6IjYzOTc4IiwiZW52aXJvbm1lbnRUeXBlIjoiV2ViIiwiYmlkcHJpY2UiOiIwLjI1IiwiYmsiOiIwIiwiVXNlclN0cmF0ZWd5SWQiOiIiLCJiaWRpZCI6Ijg3OTQ4NWM2LWFlYzctOTFkNi1lMmIwLWNlNjViOTk1Yzc5ZCIsImdlbyI6IkRFVSIsInN1YmlkIjoiVFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrIiwiY2l0eU5hbWUiOiIwODM1OSIsImhvdXIiOiIyIiwiemlwUG9zdGFsQ29kZSI6IjA4MzU5IiwiYmlkU2lnbmF0dXJlIjoiMThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzIiwiYnRtIjoiMTY5NTAwMjkzOTAxNCIsImF1Y3Rpb25UeXBlIjoiRklSU1RfUFJJQ0UiLCJiaWRGbG9vciI6IjAuMDEiLCJjYyI6IjAiLCJmaXJzdENvb2tpZSI6IiIsImJhbmR3aWR0aCI6Im51bGwiLCJkZWFsSUQiOiIwIiwiYWdlbmN5aWQiOiIxMDI4MTUiLCJyYW5rNkMiOiIwLjAiLCJjYW1wYWlnblNldHRpbmdzIjoie1wiY3R5XCI6XCIxXCIsXCJsYXBcIjpcIjBcIixcImlhc1wiOlwiMFwiLFwibHJwXCI6XCIwXCIsXCJwOFwiOlwiMFwiLFwic2FcIjpcIjBcIixcInNiXCI6XCIwXCIsXCJzY1wiOlwiMFwiLFwicGJyXCI6XCIwXCJ9IiwicmFuazEiOiIxMDAiLCJwdWJsaXNoZXJJRCI6IjEiLCJyYW5rMiI6IjEwMDAiLCJwZCI6IjAiLCJhdWRpZW5jZU1hdGNoIjoibm9jb29raWUiLCJ3aWR0aCI6IjcyOCIsImFkU2xvdEtleSI6Imh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTEQiLCJjYXRlZ29yeSI6IltdIiwicmFuazUiOiIxLjAiLCJtYWluQWRVc2VySUQiOiJDQUVTRUlDUVdQREZVVm82ajdYZk1mWlNwSVkifQ%3D%3D%253Bdurl155%3D::scm0=bid_~CM.63978~SZ.728~TS.pdx~dv.3~BI.154668841604~DI.~ST.25_::exch=pdx::bS=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3::bamt=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ::ppid=::btm=1695002939015::mid=CAESEICQWPDFUVo6j7XfMfZSpIY::cl=0::geo=DEU::ref0=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html::pageID=179483710::dT=OA::mode=ifrme::devid=3::r1=100::label=default::as=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85046
x-guploader-uploadid: ADPycdvGorl_7jl_yWum-LBWwnuA6YZkzcDhAJK5XJgDPsxTBYhTHlJydy16AhokNxBZ_teyGQLaDgW2ZgDjEUBiAiKrqGkYNP71
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1710
last-modified: Fri, 11 Nov 2022 09:21:34 GMT
server: cloudflare
etag: "a4f2dc3f5b82a3cdcf7d575429449177"
vary: Accept-Encoding
x-goog-generation: 1668158493969522
content-type: image/png
x-goog-hash: crc32c=xZG4mQ==, md5=pPLcP1uCo83PfVdUKUSRdw==
cache-control: public, max-age=172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WO5CXxUtfkrkS5s1e4TEn5G%2FzX1m4GXQiJI3i8Q7JUeD9qzGYidYKSK3ISZeCpI3US6SfEbdYwealo3E6E79X4jes3fDniZWwg0KrTW9ypSfacrNGyG8oUPhI6R%2FX70bC20N9xYVEm6zqB5z"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1710
accept-ranges: bytes
cf-ray: 80860b55987a4d4f-FRA
expires: Sun, 17 Sep 2023 03:31:33 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
499 B 136ms
133ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-AewZyMMy-BwKr-PeAA-qwtB-tqAaqqarZAeYRqxeNRwNcso_YKRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTBTARleNplR_yszuNyqslt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6kXBcDIyqc2E8ImmWYcBuFnWA1wCKn%2BZfQmAB7Q%2F8G9EoUBvRxrJqIUZXc0wDOBNba%2FlfgXMIgkWKsudJFZ6vMpEFcEghB%2BKLat7ucIOp09hhBEhXoAYpRJs0ZqJvYfLWOw5eaEs1i4jHC3716JvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b54f80fbbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame CEF1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f882baf26e69f696c0fa4a3d0c73748833aaca09463f7febf3fd5e564ed2dd1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EFDB 0
0 54ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBviGO7EHZa_pA5qKgAfSspWwCajN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBOMCT9CS5ZuZA9jZ8AIPQ5qbJKYOdiCWJ588luW-c7gYaU-UsdxV826jAlW6Qrp_XAxaeVpaig7mdcFBRrEhn00b8muXwDeNlsr3Co3naqVUeP--qeq9nPPMaCIyxHm7ghpNcAsUTVOiVxV8b9qRuxnDXIAXr8XkwAYXce5VooHI_ADZgwsnrvmsRYKAVIo49NfprrJ7tk9ORt31SFslBpFk_qmMccb18PA0Hdk3FaIFqXfIVtfYzemTxgQhSWEdxBY5j5yW9MGpIlPyf-8Doc6oLSzPw7R7XHVBhkT81sFXeUmt4WG4698i0NHNYrUcOMOgsPGeNoxc1Npu7p72vB6gaBkocWBW0VEaY4kWeA_OwuvUVuUhKwjG23uiHk3bds7929wki0X1JGK1rNx2jFo4bCSFzU1gGAkGaseu57PSKFA_IYBH3hCpC_VEQVyfH6Was1Li1mkysrMr6kB3UZAhp8Kks-AEAYAGmIKNw6y9ruT3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItMzc4NDc3OTQzMjE3MjMzOBiumIEB&sigh=Gic_WXOeVIQ&uach_m=[UACH]&cid=CAQSOwBpAlJWMHsohmWiUIs5dRm2FXPtdRwafxjXzyPEv_xRPlNZnsDtUWIRdtr9aYfp653kHxxCFsoS8490GAE&cbvp=2&vis=1
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 impression
bid.2trk.info/ Frame EFDB 43 B
331 B 45ms
23ms Image
image/gif 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.2trk.info/impression?v1ImpParams=IjJ8NzI4fDkwfERFVXwwfDB8OTA0MjY4MnwwODM1OXxPQXwwfDB8MC4wMXwxLjIyMDUxNjg2RS00fDB8MHwxfDN8MXw1fDJ8MDgzNTl8TkF8MXwxfHNlY3VyaXR5YWZmYWlycy5jb218W118MXw5OHxOQXwxfE5BfDAuMHwwLjB8MC4wfDAuMHwwfE5BfDB8TkF8NHw2Mjg5OHxwZWNfYW5rX2RlfDAuNXw0MHw1fDEwMjgwMnwxNjI4LjIyMTJ8MCwwLDAsMCwwLDAsMCwwLDB8MnwyMDIzLTA5LTE4fDAuNDAwMDAwMDA1OTYwNDY0NXwxNjk1MDAyOTM5MTM3fDQ3XzYyODk4LTcyOHwxMDA6MTAwMDo5OTI6MC4wOjAuMDowLjA6MC4wOjB8MS4wOjEuMDoxLjA6MS4wOjEuMHxDQUVTRU50VS1HLUctWi0tUy16Sm5rUS1VYjh8VFMrZCtwZHgrdCtkditkKzMrdCtTVCtkKzI1K3UrK3QrU1orZCs3MjgrdCtCSStkKzE1NDY2ODg0MTYwNCt0K0RJK2QrfE5BfGIxNDYzMDQzLTI5NTAtNDczYy1hMmNkLWIzN2Q3YTI0YjE2OXxodHRwczovL3NlY3VyaXR5YWZmYWlycytkK2NvbS8xNTA5NDkvY3liZXItY3JpbWUvbm9ydGgtY2Fyb2xpbmEtaG9zcGl0YWxzLWRhdGEtYnJlYWNoK2QraHRtbCM3MjgjOTAjQkVMT1crdStUSEUrdStGT0xEfE5BfDBhNzdmNDliLTY2NjMtMGY1Ni01N2Y5LTgwNzg1Yzg3ODJmNHwzfGh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sfDB8MHwxLjB8OTkyfG5vY29va2llfDF8TkF8MTJ8MXwwfDB8MHxwdWItMzc4NDc3OTQzMjE3MjMzOCI=&price=ZQexOwAA9K8K4AUaAAVZUgc3gHPn5HOy7jWkZw&bs=b1463043-2950-473c-a2cd-b37d7a24b169&cbvp=2
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6yTLZynQpIJvE0LEuxXnLnky7OJWm0PB39czvHUd1%2FnzE3vmcRTG8tsyWbDTNZaW4eGAKEvl9L1%2F0Hr3J1DhAGnlzxvFQvdnpP1Ow%2B5k8%2B%2FNpP1ucUIzLImyxy4EIjPXD2Biyai10LLf3Af"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 80860b5559233a80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame 0DE0 1 KB
455 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli

Requested by

Host: cdn.2trk.info
URL: https://cdn.2trk.info/rtgstat/50version/css/logico-three.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba8a2573fe8b9833ad134018ac10ce7ab18748c0ad4b1fe8484b098b847fe2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.2trk.info/rtgstat/50version/css/logico-three.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 02:08:59 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame E9F3 2 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d321c7967bdb63463840badb61943ed20b727e071b4a68585917d45b01626bbf

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vr1tEdRZ2YdGvvJF3%2BACCWXoAOJqLi9HL0KKLPJc%2FoE7Dj4zdjWm6qWcOCd5EMp3asqHjZq%2FBYO8ZpXd42xxQinB8v%2Ftel4%2Fdn9OYU1Cqb05hTo8eGWzRqryeyRiHkl6a6vEq3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 80860b55bd9d1ca3-FRA
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
27ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80860b558d781ca3-FRA
content-length: 24
content-type: text/plain
date: Mon, 18 Sep 2023 02:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1C0jqkfncqky567KDg4e89AzuSLFhvmFCbSQahyPbYGuyvvqW7H5EiD23dWE6rpG8sia1OUTJbeM3yrBcMEu35uaTr%2Fj2PLJaMjl0dbLPPF9b70X%2BEisYRL%2Bq6OdjjE44qRIf0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5ggx

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDB9 0
0 61ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgpYeOrEHZd7XOpqD1PIPqLGN4AG6mayGc6-966HbEd7llaaePxABIIHtz4MBYJWCgIDAB6AB6f31zwPIAQngAgCoAwHIAwqqBPgCT9Aow1_NUm2tl_71u3PoowPjk6uy7m9O5PtuUmhb9uONnRWcEhRfT25UZj3r1CldD2FN0YGiT_VeRIMMG5zytV3V_4K-06TFLOIl7PQWBidIuabTaUfqBvSq77-jHGJadqkdoEOF5GTaZZjgEjTe1_W3h8qGO-secE_tTyj9srwiOhs5LCqRbWqg2UiTS7DxksU7VuhYeHC_XN2nDJICsS0dBEI2c0dSNlIajfx6s7FjnpOUc_WxVChJJIlJUjvSKhIMfHOtq7fPTAr63IpjX8Qe-4Zj4BfH4Qw8bWKR3oQS8d0nFzeXFLy3u6RJ1_wWQWAGE_s4M2mUb9FGLtDuhi8TL4CReKHysvcoJERKNwDwUb91SDVJSfaC8r1BnKdJ3gJHD6HN7N9QrLF33w3LmxPVOrL3TpU5FQOTwrgFSfU52Luzs2d8ojDojqvjBU9XMovbC_cMlJiC_aw0aG4J6qZmCZxbZ-Wa9TzknlFMFbec1mZoR7xbsMAEl_TUxcAE4AQBiAWw6cSDTJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeq4Iq4BKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJS-BtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmiAWh0dHBzOi8vc2VhcmNoLnZ5YWdlci5jb20vP3JnaWQ9NjkzMzUyJnN1Yj1nY2xpZCZxdWVyeT1OZXVlK0VsZWt0cm8tU1VWcyt6dW0rZyVDMyVCQ25zdGlnZW4rUHJlaXMuK0ZpbmRlbitTaWUraGllcitkaWUrYmVzdGVuK0FuZ2Vib3RlOiZwbGNtbnQ9c2VjdXJpdHlhZmZhaXJzLmNvbYAKAcgLAbgT5APYEwyIFALQFQGAFwGyFx8KHQgAEhRwdWItMzc4NDc3OTQzMjE3MjMzOBiumIEB&sigh=Go8_wlC1P1g&uach_m=[]&ase=2&cid=CAQSOwBpAlJWiGIgjuX8LA8VCckCLGOncN4ptJsZEEghIs1x87dxQ-xc8KzTplqW6U6pXEt819nWHzc0UxHKGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ Frame 0DE0 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rtgcloudsql.2trk.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:52:44 GMT
x-content-type-options: nosniff
age: 285375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18500
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:52:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CEF1 0
0 57ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjPwJOrEHZdGZOrD0x_APjtCueKjN4YFz0a7xgsIRwI23ARABIABglYKAgMAHggEXY2EtcHViLTM3ODQ3Nzk0MzIxNzIzMzjIAQngAgCoAwHIAwKqBN0CT9BM7xSDPLLSEtABnXT8Lj7Bvx4aG1Kzj0ZYBv93kjA5afkaGW1O10EEyWxbtV10TDBfoa3E6nuaAsaHQHw7mMDj8n2RJDWncDe_xe8mnVcy48WniFi_1joLcTq-3Vf5xt532D76cyBW4k3p5PYxVb3qxJR_glhCePk8RMYq1OyLfn3lOzGlFXN7XAnNy_pyo3E8wZkuuWBr8GT9T886aIZhQVNs-gXNqwNL8GpPwgAq7hxWITq93PdD5fPcH_H0RHjPzYh9vL8vwg-bAIH9FXR8Lt6ZUe4PoteCWqztx9QVZSPnbMXbj1SYOtb_cgkTqgGaMHchhM_cXCsTBfGdSs2XbgBvyKZFnXYgAMgDjyxxJsS2cmVYoD9NkCOHFZMfcgpEV4wn5HNQZigVRVErebvwP5dyJxVVldadceyUHDwlQ9H2SfCY9YWWQRypU5fsIgW7kJDb71IlXTCWe-AEAYAGjIaZ_qe81emHAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItMzc4NDc3OTQzMjE3MjMzOBiumIEB&sigh=JxJpDlcyV5U&uach_m=[UACH]&cid=CAQSOwBpAlJWD_W8i1M7ft9ETfTjNpYKD10RSUmTXgDoWQCXaanhQfSQVyYwAaTgS2WtdeKv05ZMxv0llXYfGAE&cbvp=2&vis=1
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 impression
bid.2trk.info/ Frame CEF1 43 B
443 B 26ms
25ms Image
image/gif 2606:4700:e6::ac40:c41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.2trk.info/impression?v1ImpParams=IjJ8NzI4fDkwfERFVXwwfDB8OTA0MjY4MnwwODM1OXxPQXwwfDB8MC4wMXwyLjYzMzY1ODNFLTR8MHwwfDF8M3wxfDV8MXwwODM1OXxOQXwxfDF8c2VjdXJpdHlhZmZhaXJzLmNvbXxbXXwxfDg4fE5BfDF8TkF8MC4wfDAuMHwwLjB8MC4wfDB8TkF8MHxOQXw0fDYzOTc4fGRyX2V1Zl9kZXwwLjI1fDExLjk0fDd8MTAyODE1fDMxOS43MDgxfDEsMCwwLDAsMCwwLDAsMCwwfDJ8MjAyMy0wOS0xOHwwLjI1fDE2OTUwMDI5MzkwMTV8NDdfNjM5NzgtNzI4fDEwMDoxMDAwOjk4ODowLjA6MC4wOjAuMDowLjA6MHwxLjA6MS4wOjEuMDoxLjA6MS4wfENBRVNFSUNRV1BERlVWbzZqN1hmTWZaU3BJWXxUUytkK3BkeCt0K2R2K2QrMyt0K1NUK2QrMjUrdSsrdCtTWitkKzcyOCt0K0JJK2QrMTU0NjY4ODQxNjA0K3QrREkrZCt8TkF8MThmNmQ3YzctZjZjZC00YmM2LTkyZWEtMmU5YTYxMWJhZGEzfGh0dHBzOi8vc2VjdXJpdHlhZmZhaXJzK2QrY29tLzE1MDk0OS9jeWJlci1jcmltZS9ub3J0aC1jYXJvbGluYS1ob3NwaXRhbHMtZGF0YS1icmVhY2grZCtodG1sIzcyOCM5MCNBQk9WRSt1K1RIRSt1K0ZPTER8TkF8ODc5NDg1YzYtYWVjNy05MWQ2LWUyYjAtY2U2NWI5OTVjNzlkfDN8aHR0cHM6Ly9zZWN1cml0eWFmZmFpcnMrZCtjb20vMTUwOTQ5L2N5YmVyLWNyaW1lL25vcnRoLWNhcm9saW5hLWhvc3BpdGFscy1kYXRhLWJyZWFjaCtkK2h0bWx8MHwwfDEuMHw5ODh8bm9jb29raWV8MXxOQXwxMnwxfDB8MHwwfHB1Yi0zNzg0Nzc5NDMyMTcyMzM4Ig==&price=ZQexOgAOjNEIEfowAAuoDtXXZeuZMG5IXXcdaQ&bs=18f6d7c7-f6cd-4bc6-92ea-2e9a611bada3&cbvp=2
Requested by: Host: 14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
URL: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XfAObdtf5d21%2FuHAhtEYa961Tl7YpZMA2JmJXaKImgnZYojBq21oNFFNeZ0vZ9IbStgmksRmlztTnYJVYvMhIP8MLTZ3f2WjF3aJ0lpZXJaGXb26u61ZX7LOF%2BOmopNRXTbnyndrGUXReWu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 80860b55e8a24d4f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C0D1 12 KB
5 KB 30ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf9b0914a3878835b09b5cdd07ce0e44f08ac0ac05560841d1206ec421d93502

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gqvqshzzfxvkf7xmfvs0txbn9phnnsp45cndsx00wv8x9fqapkb355nhxsfbbtm0rde38ma0m3d2957zp9ert8fcssmm2yh8dbfc67dzpdkedvqr471qcezya9dpr66xgpyf1qhmydmkf4gpkwaawr0ryx3b5kj97k6kgy3g44vbtb5gb04m799d35wsebbq2p2m2x8nsb06nyngrvhycmkyyrgsngw2gyeey3rvrx17qxgjjc5kjh7zjnpd63pvmc28ggbtzm68m0v6vggngmkjavm09cqs5rwtxwyq7zjeg4gz7txmwv1bp2xn21c028as005e5bvbpaey0av8yy46g0phh82xyy4p4xpx124a8absxtcy8bdpexd8nwrpj1nz8n7f2cfxh7aws962b6hn4h1j1k3rkxt64gbmtebem2scbx83j290qayhsgyyt4pqmcqse40&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%26client%3Dca-pub-3784779432172338%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80860b55fb432c5b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 02:08:59 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame C0D1 115 KB
14 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 836346
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9ctfvTuAit6GusahaNJ02vBM0r%2FHTR8R%2BJAAz%2Bx0WPb0LYps9hSFsta7b2tmckZVVLovggPs%2F5GpmJuMxqNM%2Fj6c3GAI9jTkWcxSZ%2BbsYpDC8D2cuAH3dFrWU%2F5J0RBig4r8UJBIcM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 80860b563b632c5b-FRA
expires: Mon, 18 Sep 2023 03:08:59 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame C0D1 6 KB
6 KB 51ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2123738
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVZnsbGKU4Eifq5qiWdWmeKF8FQWgCrlwsciwrAb6m4GqEcBVMotzrZ1RCfnEwmLT%2B0YxKT0GGs9rSz%2FFVwKdH9JnTunYzUyHtZkf8oAQxQQ6mXZmzbXeZi7Nx5dOjMoov86MkEhhAyft6jw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4e364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame C0D1 183 KB
184 KB 49ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122994
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfs80uE8G3cTiGOUeU6ukIWW0K1UP1XWeKd7s8EAuDaZDGkATIU%2FpeRDIWrmdeWRSizOiMf9SNZfFLHBQC75qjgS6cafF8Eb%2FAaEa13XRAuznYCE0f3Wwgi%2BPaPpuAR9l0nR7Xso8%2FA1gd1s"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4c364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C0D1 53 KB
54 KB 49ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449972
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg93bZ4X6XDnilViTb%2BKzkfIRqGeKucynvzb2jOll6j8vjVFcAR90UoPq%2B5dh0bftIX9cTXazyV2%2BHw3PUDoxdPBLHCF8gW9tRU0VUfWUu4JarDPI1Ko3QFmb%2F8OvaqZaAkKeldidl32ubOp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4f364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame C0D1 22 KB
23 KB 49ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275986
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sNJ2dllOkXjQ7lNkcW3Py%2B3w2krw05HpTyLzlA%2FU9xAHDsOHkjwY7ztAPbJo4YMa5dC7OQjCYIlMWn51jFY5jEOhI2dUHa9fxXEULfFNtMRRl5UOvR9E%2BNFNSKXRdvcWCkswBN4CzSwtnI%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4a364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame C0D1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIvKg4GKs4EDFY3UEQgdTLsKuA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suit...

49 B
1 KB

2598ms
2549ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 02:09:00 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
date: Mon, 18 Sep 2023 02:09:00 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame C0D1 36 KB
36 KB 36ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1799856
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RQCfkUkwQhAfU%2B%2FBJPxn4rW2CaVRUgql4x0esdsXihoMmHUEUnPri4VDqoOfykdgtECp1njmMMjEACuCTO07aZtaouRoKZODkW8tbBWHNP7B69X0g%2BR7nKFmnLxKJH1Byd%2BNqHcd%2FPs2876"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4d364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C0D1 28 KB
29 KB 34ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:08:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1024810
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjGLSHypllA1a6Se3kp7J0m4TF9Hf3U8%2BqqPVrlDZGvAxtFIkaqzLiCilK0oHHx2HtGOLcTBHwcKbNKdczk0vcbf8DJvI6KsnooRzs1hBNc0FodAAgxyZJUwzDJML9Dh3ZRDQ6jS8Wq08EyR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80860b565c4b364a-FRA
expires: Tue, 19 Sep 2023 02:08:59 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C0D1 43 B
705 B 140ms
77ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 02:09:00 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 429 link.html
track.webgains.com/ Frame C0D1 0
0 112ms
31ms Script
text/html 18.134.234.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqmf5tjy760wdb5tcbd7xddp8yazfm32v10jbce5nq3cvsn787awj0f70pttdt1spfjkdhzekb5k9fkzarv7wwyyfe72sbp3x2pe1xdm1pzb0111aer088xg3p1jzr9yznhnajxesrd25xcj3evcpn3mpwxvbper859zx04r1yfaf5579jsa4j8mzsvrgkfaq3exekqey4whqnfhcefvg0e241zz7sc0vgq5cwhnw3w2bf9tgrbdybcxxz7chfacy5zr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%252526client%25253Dca-pub-3784779432172338%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=600&e=&g=1c571481f6ac1bf21fa7a81fb3aaa0f6%2F14191889441672549656&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1695002939810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%2526client%253Dca-pub-3784779432172338%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.234.224 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-234-224.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:09:00 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
503 B 2238ms
2238ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-PaaPUAKK-yYwt-PZUB-wraY-TZAtPqAAtqaZRqxeNRwNcso_YKRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTAMBMBRleNplR_yszuNyqslt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:09:02 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 02:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikpJQQpj%2BBwP1HrN%2BneWQPxuiBs31SuerUiYSO7MIxoq%2F7PKw%2BF0XSewV%2FJEjBwvp8%2FxpOFcqk6OfciVuXUJn7JebWqw3nzwyyZ5jQCdfxTXC9pfCvgLBn0WbEy0ODrzH4ytEVaTIy32g6SHNRTYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 80860b67dc21bbb3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEF1 42 B
64 B 2017ms
2017ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwGBE5N7KTtY1KJcakXDO5N8Xkkiy05JzL4x_7Pl_0DxM3BbUQEpvZ87GnkGDR2JQAak31RMcwzPpCybsMQSNnDnkKfj2zrCStIZ5b&sig=Cg0ArKJSzBEGcAupgg_qEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3444978212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695002939446&rpt=260&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 944ms
18ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&lsw=1&us_privacy=1---&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://securityaffairs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 18 Sep 2023 02:09:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 202584
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET /
id.a-mx.com/sync/ 0
0

GET

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&lsw=1&us_privacy=1---&gdpr=0
https://mug.criteo.com/sid?cpp=6XmdhXw5RlgzNm00Q1MrY2k4NkF1UmJDbkJ0TUJTcHJ3OVFJM2Q3MjVhSkhYZkNUVWZQdEJOWk9YcjV5WDFwL0V3TUJKdUluWFk2VWVkZU9SdkpNSVpJb3JDYXE5WHM3UkFrODlpNHNaMjF6cWFPRmlxUUo3aVloamFpem...

0
0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
548 B 925ms
10ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B2C8 15 KB
6 KB 919ms
10ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79603
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 18 Sep 2023 02:09:02 GMT
expires: Tue, 19 Sep 2023 00:15:45 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 1C2D 0
0 889ms
886ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1695002938653&gdpr=0&us_privacy=1---

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 801E 4 KB
1 KB 970ms
960ms Document
text/html 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ee7cf89cb6f5751c186702b016fd55489761b48c82b0781aee30e5644feeb9

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 80860b67db27694b-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 18 Sep 2023 02:09:02 GMT
server: cloudflare

GET
H2 204 isyn
prebid.a-mo.net/ Frame 3F19 0
0 888ms
887ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 18 Sep 2023 02:09:01 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET

dcm
s.amazon-adsystem.com/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3860276504035066066&gdpr=0&gdpr_consent=

0
0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=cc3b3f9f24bfb520886cc1bee7b0952f&gdpr=0&gdpr_consent=0

43 B
445 B

18ms
18ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=cc3b3f9f24bfb520886cc1bee7b0952f&gdpr=0&gdpr_consent=0
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=cc3b3f9f24bfb520886cc1bee7b0952f&gdpr=0&gdpr_consent=0
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 0
expires: 0

GET e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ 0
0

GET
H2 204 v1
match.sharethrough.com/universal/ 0
35 B 914ms
7ms Image
text/plain 18.156.139.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:09:02 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5065354607588352414&gdpr=0&gdpr_consent=

43 B
408 B

45ms
20ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5065354607588352414&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 02:09:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5065354607588352414&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 54ms
9ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

3f9f20fa82cb67641d1574638b6937925e604969094ab665667ae5e6217be714

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:09:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B2C8 3 KB
4 KB 90ms
9ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99231938&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: a8c77af323ec6d1728a194af9fb12add64151fec0595975d40deff6ee15470fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 02:09:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET match
ads.betweendigital.com/ Frame 801E 0
0

GET /
ssp.disqus.com/redirectuser/ Frame 801E 0
0

GET getuid
ib.adnxs.com/ Frame 801E 0
0

GET /
s.ad.smaato.net/c/ Frame 801E 0
0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 801E 0
34 B 21ms
14ms Image
text/plain 18.156.139.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:09:02 GMT

GET pixel
ap.lijit.com/ Frame 801E 0
0

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 801E 43 B
1 KB 41ms
14ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 18 Sep 2023 02:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

POST
H/1.1 200 696.json Show response
id5-sync.com/g/v2/ 276 B
690 B 27ms
12ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/696.json

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

0f195065cde843d61b0fa0897b93f40a68e6e62cc8eb30c1bebd0297fdcc063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://securityaffairs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.com
date: Mon, 18 Sep 2023 02:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET usermatch
ssum-sec.casalemedia.com/ Frame 8566 0
0

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8451 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C5CD 15 KB
6 KB 19ms
15ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79603
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 18 Sep 2023 02:09:02 GMT
expires: Tue, 19 Sep 2023 00:15:45 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET

sync
eb2.3lift.com/ Frame 0607
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

0
0

GET rmphb
sync.1rx.io/usersync2/ Frame 47F2 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 8CBD 0
0 16ms
14ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

OPTIONS sid
mug.criteo.com/ Frame 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 99EF 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 41AD 0
0

GET p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 2F13 0
0

GET getuid
ib.adnxs.com/ Frame E5A9 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame F6E5 0
0

GET sync
sync.srv.stackadapt.com/ Frame 2529 0
0

GET bridge
cm.adgrx.com/ Frame A63B 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame 6091 0
0

GET /
csync.loopme.me/ Frame C9B0 0
0

GET pixel
cm.g.doubleclick.net/ Frame B2C8 0
0

GET qmap
sync.crwdcntrl.net/ Frame B2C8 0
0

GET cr
cr.frontend.weborama.fr/ Frame B2C8 0
0

GET match
a.audrte.com/ Frame B2C8 0
0

GET pixel
cm.g.doubleclick.net/ Frame B2C8 0
0

GET pubmatic
um.simpli.fi/ Frame B2C8 0
0

GET match
c1.adform.net/serving/cookie/ Frame B2C8 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame B2C8 0
0

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame B2C8 0
0

GET CA6C31EF-4940-4F30-B6F1-F994CDD5C55E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B2C8 0
0

GET sync
x.bidswitch.net/ Frame B2C8 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame B2C8 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame B2C8 0
0

GET cs
ad.turn.com/r/ Frame B2C8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.c.appier.net
URL: https://a.c.appier.net/gcm?google_gid=CAESELwLSBIHgecqDynWmFdai2o&google_cver=1&google_push=AXcoOmT-STU6o4kFavO-jT_e5hw0-o8ZmKQ5_AevU-PwvaZwKLh5QlbMaYhJDTZlyPBDXJkHbtG_BhwvhJ7AQjEzIp7sIkwVW9EhJIo

Domain: id.a-mx.com
URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html&tl=https://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html&nf=0&rt=true&v=7.48.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=undefined

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=6XmdhXw5RlgzNm00Q1MrY2k4NkF1UmJDbkJ0TUJTcHJ3OVFJM2Q3MjVhSkhYZkNUVWZQdEJOWk9YcjV5WDFwL0V3TUJKdUluWFk2VWVkZU9SdkpNSVpJb3JDYXE5WHM3UkFrODlpNHNaMjF6cWFPRmlxUUo3aVloamFpemM4TzJZNXpUV1Q5OWEzUlJBaWxobDZvVURXTlJkZkQ1RlRUTHFjVGx2dDZaRXBzbzVIeExJMjlZUHgrYzBtajlUK1kyQWJQbGttZm9ncTRRTHdNN1B1TWxwa2pBNk5IR280ZTc4L0xQd3lVK1RjRTV5NlJJeGRQd1paV0dCWkcvVUVoQ2JCV3pFfA&cppv=2

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3860276504035066066&gdpr=0&gdpr_consent=

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID

Domain: s.ad.smaato.net
URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=6XmdhXw5RlgzNm00Q1MrY2k4NkF1UmJDbkJ0TUJTcHJ3OVFJM2Q3MjVhSkhYZkNUVWZQdEJOWk9YcjV5WDFwL0V3TUJKdUluWFk2VWVkZU9SdkpNSVpJb3JDYXE5WHM3UkFrODlpNHNaMjF6cWFPRmlxUUo3aVloamFpemM4TzJZNXpUV1Q5OWEzUlJBaWxobDZvVURXTlJkZkQ1RlRUTHFjVGx2dDZaRXBzbzVIeExJMjlZUHgrYzBtajlUK1kyQWJQbGttZm9ncTRRTHdNN1B1TWxwa2pBNk5IR280ZTc4L0xQd3lVK1RjRTV5NlJJeGRQd1paV0dCWkcvVUVoQ2JCV3pFfA&cppv=2

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E&redir=true&gdpr=0&gdpr_consent=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ymwx70lATzC28fmUzdXFXg%3D%3D&gdpr=0&gdpr_consent=

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E&gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0E2QzMxRUYtNDk0MC00RjMwLUI2RjEtRjk5NENERDVDNTVF&gdpr=0&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E&redir=true&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/CA6C31EF-4940-4F30-B6F1-F994CDD5C55E?gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CA6C31EF-4940-4F30-B6F1-F994CDD5C55E&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securityaffairs.com/	1970-01-21 00:26:02	Name: _ga_NPN4VEKBTY Value: GS1.1.1695002937.1.0.1695002937.60.0.0
securityaffairs.com/	1970-01-20 23:35:38	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.com/	1970-01-20 23:35:38	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.com/	1970-01-20 14:51:29	Name: _gid Value: GA1.2.1794197621.1695002938
.securityaffairs.com/	1970-01-20 14:50:02	Name: _gat_gtag_UA_59069958_1 Value: 1
.securityaffairs.com/	1970-01-21 00:26:02	Name: _ga_8ZWTX5HC4Z Value: GS1.1.1695002938.1.0.1695002938.0.0.0
.securityaffairs.com/	1970-01-21 00:26:02	Name: _ga Value: GA1.1.1216587265.1695002938
.securityaffairs.com/	1970-01-21 00:11:38	Name: __gads Value: ID=75d5f07c0e4cf7e6-2245241be8e3002b:T=1695002938:RT=1695002938:S=ALNI_MbkT3GaS-NxCHxJ7NKOAnmNXSd1oQ
.securityaffairs.com/	1970-01-21 00:11:38	Name: __gpi Value: UID=00000c781b64d90e:T=1695002938:RT=1695002938:S=ALNI_MZUH1K2JWg7Phn1_3Dx4FOcgdKB_w
securityaffairs.com/	1970-01-20 16:16:26	Name: __ppIdCC Value: aexuritywddwira_xon210.5996.38369
securityaffairs.com/	1970-01-20 15:33:14	Name: _pbjs_userid_consent_data Value: 6683316680106290
.securityaffairs.com/	1970-01-20 15:30:22	Name: sharedid Value: 34635fa4-3ed3-41d9-8615-1e8fa9986871
.prebid.a-mo.net/	1970-01-20 23:35:38	Name: __amc Value: 1_1695002938_1695002938
.quantserve.com/	1970-01-21 00:20:17	Name: mc Value: 6507b13a-aea1e-65bcb-e6b45
.securityaffairs.com/	1970-01-21 00:14:31	Name: __qca Value: P0-581957370-1695002938588
.script.ac/	1970-01-20 14:50:04	Name: __cf_bm Value: Dtbb6q6hQ0woVBlpRJJ4SQUkEeQ2uh9TfjErAey6DdU-1695002938-0-AfUopbjzdZFhiP+IpAZ2CehD4XolkEcx9ahzZJ86Xjt4xjbdohJZOyg5yLYTg8Vm3Fr8e8H/HX0SWkHO5tzL1EE=
.smartadserver.com/	1970-01-20 23:37:05	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 565875=5633408
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 23:37:05	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 14:51:29	Name: sasd Value: %24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0
.smartadserver.com/	1970-01-20 23:37:05	Name: pid Value: 3860276504035066066
.smartadserver.com/	1970-01-20 14:51:29	Name: sasd2 Value: q=%24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0&c=1&l=-484118455&lo=-1108704272&lt=638305997387099873&o=1
.quantumdex.io/	1970-01-20 15:04:26	Name: uid Value: b171fabe-4a54-4231-8d64-c2cd2ffd8c92
.w55c.net/	1970-01-21 00:20:17	Name: wfivefivec Value: IERxF2441QI3H55
.w55c.net/	1970-01-20 15:33:14	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 23:37:05	Name: suid Value: C0F1438C428843C98A65ECE83020B3FE
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-20 23:37:05	Name: pid Value: OTY0NWFiMjQ2ZTkzYmY1
.doubleclick.net/	1970-01-21 00:11:38	Name: IDE Value: AHWqTUkTvkdTqNfQEP_6Xy13b1r5-SGAwM6F6JIfMEFviW7E1fqr8XPkWYQvxfUPXrA
.2trk.info/	1970-01-20 16:16:26	Name: 62898_viewnew Value: date%3D09%2F18%2F2023+02%3A08%3A59%26subid%3Dbid_%7ECM.62898%7ESZ.728%7ETS.pdx%7Edv.3%7EBI.154668841604%7EDI.%7EST.25_%26size%3D728%26campaignid%3D62898%26impressionid%3D169500293944331067218420246429562887824486%26refURL%3Dsecurityaffairs.com
.acuityplatform.com/	1970-01-20 23:35:38	Name: auid Value: 828903303852
.adform.net/	1970-01-20 15:33:14	Name: C Value: 1
.2trk.info/	1970-01-20 16:59:38	Name: fingerprint Value: cokdate%3D09%2F18%2F2023+02%3A08%3A59%26userid%3Dce4b1468-0ed5-4f9f-810c-21b4e2112188%26rank%3D100%26icrank%3D999%26icount%3D2%26ccount%3D0%26csranka%3D0%26csrankb%3D0%26vsranka%3D0%26vsrankb%3D0%26ip%3D2a01%3A4a0%3A2b%3A%3A11%26p%3D%26ty%3D0
.2trk.info/	1970-01-20 16:16:26	Name: 63978_viewnew Value: date%3D09%2F18%2F2023+02%3A08%3A59%26subid%3Dbid_%7ECM.63978%7ESZ.728%7ETS.pdx%7Edv.3%7EBI.154668841604%7EDI.%7EST.25_%26size%3D728%26campaignid%3D63978%26impressionid%3D169500293950615591776969985248461575174245%26refURL%3Dsecurityaffairs.com
.acuityplatform.com/	1970-01-20 23:35:38	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRSlBRQi6mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUpQUUIuo90aGlyZFBhcnR5VXNlcklkWkNBRVNFS0FVZ1YwZkRoNXFOZ3lPNHZENjYzc/v7hnZlcnNpb27C+w=="
.adform.net/	1970-01-20 16:16:26	Name: uid Value: 5065354607588352414
.de17a.com/	1970-01-20 23:28:26	Name: guid Value: 1.7829466226055017373
.yahoo.com/	1970-01-20 23:36:00	Name: A3 Value: d=AQABBDuxB2UCENAE3GmqnIHIZ8zi3HcFNasFEgEBAQECCWURZQAAAAAA_eMAAA&S=AQAAAqW_jw8Khm_1zZ-Wen8zpVs
.zemanta.com/	1970-01-20 23:35:38	Name: zuid Value: qDiFc3BiSGIm5h4FP9SQ
.tribalfusion.com/	1970-01-20 16:59:38	Name: ANON_ID Value: auntuJwl6h7bQQwbPBqU9BduDgay3OvImclIvoQnnPPbYUha2a5pM756xapEUeZcMOby2ljpZbPZb3d54vr442gbtMH
.doubleclick.net/	1970-01-20 19:09:14	Name: APC Value: AfxxVi5yyeZg0C08VrmP8hMyb3HbI3kAwbuAH6NipMlVLxesMrx68g
.awin1.com/	1970-01-20 14:52:55	Name: awpv14702 Value: 412871\|1695002939\|54cf0e60-55c8-11ee-b98b-2233369fc7ee
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.o2online.de/	1970-01-20 15:00:07	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5NTAwMjk0MHZsZWExZGUyMDIzMDkxODA0MDkwMDg4OTI2Njk0OTczWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRtVjJIZWZHZldaemdUbUhaSFp0enRKSnBDS1N3VGVaTUhiMWs1b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyOF9XRUJHQUlOU01PU1RMWTExNzcwMw
.o2online.de/	1970-01-20 15:00:07	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 15:00:07	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023091804090088926694973X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5NTAwMjk0MHZsZWExZGUyMDIzMDkxODA0MDkwMDg4OTI2Njk0OTczWDExNzcwM1YxMjI2MTMyNzAyT
.omnitagjs.com/	1970-01-20 15:33:14	Name: ayl_visitor Value: cc3b3f9f24bfb520886cc1bee7b0952f
.ads.pubmatic.com/	1970-01-20 14:51:29	Name: KCCH Value: YES
.smartadserver.com/	1970-01-20 23:37:05	Name: csync Value: 22:5065354607588352414\|117:cc3b3f9f24bfb520886cc1bee7b0952f
.pubmatic.com/	1970-01-20 23:35:38	Name: KADUSERCOOKIE Value: CA6C31EF-4940-4F30-B6F1-F994CDD5C55E
.pubmatic.com/	1970-01-20 16:59:38	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:51:29	Name: pi Value: 157940:2
.pubmatic.com/	1970-01-20 16:59:38	Name: DPSync3 Value: 1696204800%3A235_201_245_241
.pubmatic.com/	1970-01-20 16:59:38	Name: SyncRTB3 Value: 1696204800%3A166_13_8_3_234_21_251_55_54_233_220_56_71_165%7C1695859200%3A63%7C1695600000%3A2_15_223%7C1696291200%3A35%7C1697587200%3A203
.3lift.com/	1970-01-20 16:59:38	Name: tluid Value: 2125293698632523122857

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1694995738&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F150949%2Fcyber-crime%2Fnorth-carolina-hospitals-data-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695002937995&bpp=3&bdt=331&idt=191&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4634220255263&frm=20&pv=2&ga_vid=1216587265.1695002938&ga_sid=1695002938&ga_hid=727432542&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077327%2C31076994%2C21065725%2C31077705&oid=2&pvsid=3517249380039617&tmod=672292082&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219 Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqmf5tjy760wdb5tcbd7xddp8yazfm32v10jbce5nq3cvsn787awj0f70pttdt1spfjkdhzekb5k9fkzarv7wwyyfe72sbp3x2pe1xdm1pzb0111aer088xg3p1jzr9yznhnajxesrd25xcj3evcpn3mpwxvbper859zx04r1yfaf5579jsa4j8mzsvrgkfaq3exekqey4whqnfhcefvg0e241zz7sc0vgq5cwhnw3w2bf9tgrbdybcxxz7chfacy5zr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8qn5stbz2955c3bhxdyb11gxwh6v9w155nxbzax9jnq8wvmx8ctvfcqj2h080qr3jjsfzbzxy3yzqcqtbncfkqhb402zghstah7v0sj825e0gp2wg723fzha22dg5qwb80bqvy43w6fqpjg1vmppe30t12h7v4b043yw6z6n0eyzjcrw39f8h74qeedr2fx958he2zmqgrarsv712zdb3nwsn0cxffaspn6vnhyjbhcssc14f89vxbbkpjj2x2haq9c00qpd42s1qq51yzq1kd7c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDpBNOrEHZamQNuyBx_AP0c6z8AGQ4YGEXLaoworwAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi0zNzg0Nzc5NDMyMTcyMzM4yAEJqQII7SoEJuGxPuACAKgDAcgDAqoE5wJP0JDnxDD3bh1YPgHStOeGrbpiHaf8gEZRwzyp6EhxJK0xyXcFIQRLniAaVFMnDWt6EnI9l1e3DO-aoBNFLl3WKLxKHns__JYAolXIbAbxznXJGN_Zn2X6x9c2dfWuuTb_9K_WtGo3lXeNsg8MDLRD1Sgx1q5rnnM79iSgYXv9T3eZC9Mswh2vvmfxOntwGLWaxQmWSrDjoT9lIOWsUczm7rWkXRj8WyArM2an1uP6qm7CRIfnJ4o6t4pox-bYd2qQLdJ2petFO4FoF0oqftaCj3q0sVKxIpKv7E-PU-K-igY15-ElEDgQoE5g5Y-Jmjd47KdKCGNXSeR2pSZ2VnM73cCcmp-13Vgt6xC9Ga11A86Xo7Xz6D3TXlIdGrWBUL4RJdJjCSq2104jUV8ljdoTfl_4PjfrRNWtyRtyXUOlvgrkWnAwbBGwm3El9fDoNzuQR65-euQ2tXRac0ExQOC_TBe4BFji--AEAYAG4OTw4aOW3rO8AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2uWF3S5Y1dug5btR37Ku1xOYiPsw%252526client%25253Dca-pub-3784779432172338%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14f021e12b618e0d55f6a19cc784ca31.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
analytics.pangle-ads.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
assets.vlitag.com
b1sync.zemanta.com
beacon.walmart.com
bid.2trk.info
buttons-config.sharethis.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.2trk.info
cdn.ampproject.org
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
config.aps.amazon-adsystem.com
cr.frontend.weborama.fr
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
px.vliplatform.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb2-useast.e-volution.ai
rtgcdn.2trk.info
rtgcloudsql.2trk.info
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
securityaffairs.com
services.vlitag.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync.1rx.io
sync.crwdcntrl.net
sync.gonet-ads.com
sync.quantumdex.io
sync.srv.stackadapt.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
useast.quantumdex.io
visitor.omnitagjs.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
a.audrte.com
a.c.appier.net
aax-eu.amazon-adsystem.com
ad.turn.com
ads.betweendigital.com
ap.lijit.com
c1.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
ib.adnxs.com
id.a-mx.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
s.ad.smaato.net
s.amazon-adsystem.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.crwdcntrl.net
sync.srv.stackadapt.com
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
108.138.9.235
13.224.192.181
13.32.99.78
141.95.33.111
142.250.185.134
145.40.97.66
154.59.122.79
162.19.138.119
167.233.13.224
172.217.16.130
174.137.133.49
18.134.234.224
18.156.139.59
184.30.16.195
184.86.251.219
185.184.8.90
185.255.84.153
185.64.189.112
185.86.138.150
185.86.138.16
188.42.105.236
192.0.76.3
192.0.77.2
198.47.127.19
20.114.74.38
2001:4860:4802:32::36
213.155.156.183
2600:9000:2111:9c00:c:abe:f440:93a1
2600:9000:211e:600:9:46dc:4700:93a1
2600:9000:2490:6600:6:44e3:f8c0:93a1
2606:4700:10::6816:2560
2606:4700:10::6816:3bc7
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:8cd3
2606:4700:3037::ac43:9e3b
2606:4700::6810:5714
2606:4700::6812:1791
2606:4700::6812:19ad
2606:4700::6812:372
2606:4700:e6::ac40:c41d
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c03::9d
2a02:2638:3::c
2a05:d018:d29:3601:3fa9:14e5:74a3:7a1d
3.65.104.49
3.76.65.13
34.91.62.186
37.157.4.28
51.38.120.206
52.29.79.55
64.202.112.31
84.200.5.215
92.123.148.9
99.86.4.71
00c4e9d7157cd302842247ada28bef5091178553442a4cab71c8da9d15eccbd4
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
044ba816e2983deee83b6fcf204149c02261a0bd5b45b839f61f8cfb480ce553
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08c0f5d2f62e6ada7568f1438fb968a79908b6e7984960f8726f20c066500c6e
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0edddc5a409a83391e9fb3e56e56a2e8ddf3fa3dad7d285f918e48a55b73b0f3
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
0f195065cde843d61b0fa0897b93f40a68e6e62cc8eb30c1bebd0297fdcc063c
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1267fc6c8805b7f508e04bc8da776509420413adb25e197f12c9f9405c74ac6d
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
1863a0812efa345476852c35e9d879de57a439b26f90c85a87a808ff65098a64
18e85f0ffb42614435980499c2a34ae6b797eeb46188fe9bf2992826d1b4f832
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a5fe5d03c3f0603d6fb4cfda187a29e2e7128e01a17ac1f3d23d97bea90d4a4
1be18754145da605cce6985feda4a79f16c787ceb2697c1579060add9209e960
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef
1f6bbaa4580eaeae5ed5ea7e121db05efb20eda01c160bb9342067b26fc8fd67
20d9446b589f06289e3a2f62cd749f76b571c6acc63ec6e1e93710854017c6bf
2291ebd49336a26942ce646542223b34f82be07fddd94b49a0e5bd7e47924df0
2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3f9f20fa82cb67641d1574638b6937925e604969094ab665667ae5e6217be714
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fd81c7f97ea09b046d04e85f4c71fd72acf741ce71b2b51191259cb62e105b7
50a32c40c10e475dc6255fc3dab367b6b5e62a2cadc958eb98c74b712ece3fd7
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832
5217ce0a0202b0b14813cae8d18628a47d4b9441cd7ecf89f8fbc8774c51b4f4
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59df4689b19613d21bc2f968f177faa970cc315a56212b60783e3ab0a967d3fe
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5de578ea18822efd63588f900aa9331d06efcd006d155c9b1a20172f80057be7
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a73ebff796388cdfb31534f8892dd3f90f09a1c6bb114a71a23a5acf31dbfe
64dd310e92d12e9cf0238bcbea0f0118bd9102a03f9c99d1a27e56395f5df8e8
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
698efec41dc5a5946ae4a26a456cad7646bb9cb56a479ee89b76160cccba142e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba9e075b3935a6a603901677129638c4cf8e7daded10b0ef51f80f09c468461
6c8695421c1204d8b46122d8a9d6ffedccc51613c08749d1c30e5c66a0721107
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
76ed6e04dcbd1ec31b35946a82d309f567784d9c6fa612614997d21df9f3ef3a
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78ed81e5abede628c4f16785d6fea534dfe0d74b3fa00b3e09eba4c826c54599
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03
7b158091c908edeaaba6d8d030b68c5846827cd444e3783c61b1b8b4e5a38b2c
7c05aee0b1b05d6df48e6aca8567812ffa8de271170295a00c21a51edd9d3f91
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7d4ef6f0bfc1cf4142d68db239b944bc06ffdf38435d3d4390f47e8c77812d03
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ee7cf89cb6f5751c186702b016fd55489761b48c82b0781aee30e5644feeb9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8c13325772681b56bd807194656700c0225c1a9d9b61d20bbda9b738f12cfe7c
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
8fdfb4459ca9aba0bb76eeeba7eee15f7d7dc85404580378744ebc0ec0d0765f
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94652e478f7e689cf19ad2b4ecdfccf26e3eab676045f595df52ece72affd4cb
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
99a6642d424fc3a9fbaaae2188f62b790e0e0f7b032a79c83b144a107259ad71
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9baafe295a2c10f302c9cda8a96f98a2b73e6ead991a4663f4ae8014a6169df3
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a04d7dbb75b12cca2026893b42ff1984e628252a3be73b60810af31df79b6106
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
a61f5b51ac3377754f2600b2ca6aea08c99f5659672782b0a829fd9da9e90407
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a8c77af323ec6d1728a194af9fb12add64151fec0595975d40deff6ee15470fc
aa5dd4cda9d21677b8cb1b55fd739ba6631465578bf4c5f6cbc368d7009f9876
ac4b862137365ea654dc8793df971aea428ffb0195a3c6599bc26f70336b155d
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66
b0a85005d98b37a27bb7c3636c1b8dd0da2c5fa5dfcd801bc21a8b245731c3cc
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60
b3632e832cf7505fab2bd8707c79de38e4dc9371bbc019e863a461d65e73b6a8
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba8a2573fe8b9833ad134018ac10ce7ab18748c0ad4b1fe8484b098b847fe2b9
bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c
bcbbda0fd2a4322ae70f177ea7cff22aa049fb82a61e49de39669b393cf672ba
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c7b4e0ead046aaf8bf5ccbfc2cacb1034484502f3edef69134a060f49edda834
c8ad1a9926a8acbac38299ec08fbd6facc377ac2f1aec054fd37cc9001bd91c7
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9b0914a3878835b09b5cdd07ce0e44f08ac0ac05560841d1206ec421d93502
cfc2428c22ee3bc362ec4423baad407259a89f564dce35a3a3352c6190655651
d050cd4a7c748cdcf9b098f031e911271757f008419f6d558dce33acde4f5a3c
d321c7967bdb63463840badb61943ed20b727e071b4a68585917d45b01626bbf
d43993db4451098683408e1ab4b6d21938a60291c146c15a379cabfc0c1cb38f
d4b17a94485a9de7d0cf1174ea264afe26954fbf9c6119ffa31f000951455171
d6c27f54b1b1e4d2eeff5afc0a4ac422ebc29d10fcc356da9ce567f926cf177d
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e30c41da786d69a91e49c8c81e0a7ddcf39c95a20a68fb1e12fdcb8bbe1cf181
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f294eb188a59c61d3d3d6462cfb0b9c3e8559aaf4f95ab3fc9b010b4e1c20418
f2ed80b537e658858b2ebe3ebb7a8ff5fdb21089766a68419c0fc28153daac66
f37b6e84d0ad819b50c8a4357a5d19a3ec8a051536348a45940581d5d5ed9d09
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f76335e8788f66c0efc72c2d0db22496f8983e7ce66aaaa7c179f65fa08e5dae
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f882baf26e69f696c0fa4a3d0c73748833aaca09463f7febf3fd5e564ed2dd1a
fe5fb671755095969536af62838dd6e3293ace075afa4d66362ba2d3cc423160

securityaffairs.com Open in urlscan Pro 2606:4700:3031::ac43:8cd3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

323 Requests

82 %HTTPS

50 %IPv6

80 Domains

114 Subdomains

60 IPs

10 Countries

3063 kBTransfer

8199 kBSize

56 Cookies

24 Outgoing links

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityaffairs.com Open in urlscan Pro
2606:4700:3031::ac43:8cd3 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

82 %
HTTPS

50 %
IPv6

80
Domains

114
Subdomains

60
IPs

10
Countries

3063 kB
Transfer

8199 kB
Size

56
Cookies

323 HTTP transactions
4 data transactions