urlscan.io logo urlscan.io
SecurityTrails logo

www.itpro.co.uk Open in urlscan Pro
65.9.77.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/0u0PXZrkTP
Effective URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Submission: On June 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 107 IPs in 10 countries across 92 domains to perform 437 HTTP transactions. The main IP is 65.9.77.71, located in United States and belongs to AMAZON-02, US. The main domain is www.itpro.co.uk.
TLS certificate: Issued by Amazon on June 22nd 2021. Valid for: a year.
This is the only time www.itpro.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
43 65.9.77.71 16509 (AMAZON-02)
10 32 142.250.186.66 15169 (GOOGLE)
3 13.226.155.37 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 9 2.18.234.21 16625 (AKAMAI-AS)
1 65.9.77.26 16509 (AMAZON-02)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 151.101.1.26 54113 (FASTLY)
15 2a00:1450:400... 15169 (GOOGLE)
5 65.9.86.127 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
2 7 76.223.111.131 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
21 135.125.8.31 16276 (OVH)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.77.94 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 89.187.169.3 60068 (CDN77 ^_^)
1 46.105.202.126 16276 (OVH)
1 151.101.14.217 54113 (FASTLY)
2 52.211.195.119 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.77.116 16509 (AMAZON-02)
1 65.9.77.16 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.77.59 16509 (AMAZON-02)
1 3.211.86.214 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2 35.190.59.101 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
1 108.161.189.32 33438 (HIGHWINDS2)
6 34.252.255.244 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 70.42.32.191 13789 (INTERNAP-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 54.228.130.197 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42:1b:... 54113 (FASTLY)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 51.210.215.108 16276 (OVH)
4 6 37.252.172.249 29990 (ASN-APPNEX)
2 23.37.38.181 16625 (AKAMAI-AS)
2 4 37.252.172.38 29990 (ASN-APPNEX)
2 104.16.190.66 13335 (CLOUDFLAR...)
6 52.28.203.152 16509 (AMAZON-02)
4 178.250.2.131 44788 (ASN-CRITE...)
2 216.52.2.19 30282 (AS-INAPCD...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 12 35.244.159.8 15169 (GOOGLE)
1 11 52.95.124.170 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 178.250.0.173 44788 (ASN-CRITE...)
9 9 3.215.252.168 14618 (AMAZON-AES)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 151.101.13.27 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.107.231.31 15169 (GOOGLE)
3 144.217.68.139 16276 (OVH)
5 52.209.37.147 16509 (AMAZON-02)
3 151.101.114.137 54113 (FASTLY)
1 65.9.77.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 185.29.135.227 30419 (MEDIAMATH...)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 4 37.157.6.251 198622 (ADFORM)
1 15 34.251.173.19 16509 (AMAZON-02)
3 2.18.233.180 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
2 4 2a00:1288:110... 34010 (YAHOO-IRD)
3 3 18.159.182.76 16509 (AMAZON-02)
11 11 52.29.176.117 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
1 14 185.64.190.80 62713 (AS-PUBMATIC)
1 1 185.86.137.133 201081 (SMARTADSE...)
3 3 198.148.27.140 19189 (PULSEPOINT)
3 193.122.128.135 31898 (ORACLE-BM...)
1 142.250.185.130 15169 (GOOGLE)
1 1 157.90.167.185 24940 (HETZNER-AS)
1 1 70.42.32.31 13789 (INTERNAP-...)
2 2 18.184.87.203 16509 (AMAZON-02)
2 2 213.19.147.45 3356 (LEVEL3)
1 1 185.86.138.132 201081 (SMARTADSE...)
5 8 151.101.114.49 54113 (FASTLY)
1 208.100.17.180 32748 (STEADFAST)
1 18.195.155.181 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
3 4 185.184.8.65 204995 (RTB-HOUSE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 37.157.6.242 198622 (ADFORM)
1 18.156.0.31 16509 (AMAZON-02)
3 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2600:9000:210... 16509 (AMAZON-02)
8 52.86.216.75 14618 (AMAZON-AES)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 8 69.173.144.138 26667 (RUBICONPR...)
1 1 69.173.144.139 26667 (RUBICONPR...)
22 37.157.2.249 198622 (ADFORM)
1 35.244.174.68 15169 (GOOGLE)
2 2 213.155.156.181 1299 (TELIANET ...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 162.55.6.210 24940 (HETZNER-AS)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 146.59.148.16 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.126.56.137 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.199.13.197 14618 (AMAZON-AES)
5 72.251.249.9 29791 (VOXEL-DOT...)
2 2 35.210.53.219 15169 (GOOGLE)
437 107
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
43    65.9.77.71 (United States)

ASN16509 (AMAZON-02, US)
www.itpro.co.uk
32    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
3    13.226.155.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-37.dus51.r.cloudfront.net
itpuk-mms.itpro.co.uk
1    2a02:26f0:6c00:28f::1fd4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
media.itpro.co.uk
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    65.9.77.26 (United States)

ASN16509 (AMAZON-02, US)
cdn.adsafeprotected.com
1    104.19.149.54 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
15    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
13    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:9cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
21    135.125.8.31 (France)

ASN16276 (OVH, FR)
PTR: dtk-lb-gra11.dginfra.net
www.ultimedia.com
medialb.ultimedia.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    65.9.77.94 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com
a.omappapi.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
2    52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
ml314.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    65.9.77.116 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    65.9.77.16 (United States)

ASN16509 (AMAZON-02, US)
api.omappapi.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    65.9.77.59 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    3.211.86.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-86-214.compute-1.amazonaws.com
in.ml314.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
p.skimresources.com
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
r.skimresources.com
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    108.161.189.32 (United States)

ASN33438 (HIGHWINDS2, US)
encraveimg-yowgo.netdna-ssl.com
6    34.252.255.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
4    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
10    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    54.228.130.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
eum-eu-west-1.instana.io
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    51.210.215.108 (France)

ASN16276 (OVH, FR)
ads.videoadex.com
medialb.digiteka.net
6    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
2    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
6    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
eu-central-1-web.ssp.yahoo.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
dennis-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
11    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    178.250.0.173 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
3pd.criteo.com
9    3.215.252.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
match.prod.bidr.io
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
p.adlooxtracking.com
3    144.217.68.139 (Beauharnois, Canada)

ASN16276 (OVH, FR)
ngs30c.digiteka.net
5    52.209.37.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dig.ultimedia.com
3    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
bam.eu01.nr-data.net
1    65.9.77.3 (United States)

ASN16509 (AMAZON-02, US)
play.adpaths.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    185.29.135.227 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
15    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    18.159.182.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
11    52.29.176.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
a.volvelle.tech
14    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pubads.g.doubleclick.net
1    157.90.167.185 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
1    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.184.87.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    185.86.138.132 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    208.100.17.180 (United States)

ASN32748 (STEADFAST, US)
PTR: ip180.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
service.idsync.analytics.yahoo.com
3    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
ads.yahoo.com
2    2600:9000:2104:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    52.86.216.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
22    37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
2    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.199.13.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
5    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pool.admedo.com
Apex Domain
Subdomains		 Transfer
47 itpro.co.uk
www.itpro.co.uk
itpuk-mms.itpro.co.uk
media.itpro.co.uk
730 KB
37 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
207 KB
33 adform.net
c1.adform.net
track.adform.net
s1.adform.net
143 KB
26 ultimedia.com
www.ultimedia.com
medialb.ultimedia.com
dig.ultimedia.com
587 KB
20 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
34 KB
17 googlesyndication.com
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
220 KB
17 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
314 KB
17 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
104 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com Failed
42 KB
15 gumgum.com
rtb.gumgum.com
5 KB
14 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com Failed
pr-bh.ybp.yahoo.com
service.idsync.analytics.yahoo.com
eu-central-1-web.ssp.yahoo.com
ads.yahoo.com
14 KB
13 google-analytics.com
www.google-analytics.com
74 KB
12 openx.net
dennis-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
3 KB
12 google.com
www.google.com
adservice.google.com
2 KB
11 bidswitch.net
x.bidswitch.net
4 KB
11 rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
16 KB
11 gstatic.com
fonts.gstatic.com
221 KB
10 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com Failed
10 KB
10 adnxs.com
ib.adnxs.com
secure.adnxs.com
10 KB
9 bidr.io
match.prod.bidr.io
4 KB
9 criteo.com
gum.criteo.com
bidder.criteo.com
3pd.criteo.com
dis.criteo.com
4 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com
r.skimresources.com
15 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
8 KB
7 adsrvr.org
match.adsrvr.org
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
5 ampproject.org
cdn.ampproject.org
101 KB
5 digiteka.net
medialb.digiteka.net
ngs30c.digiteka.net
33 KB
5 outbrain.com
amplify.outbrain.com
tr.outbrain.com
sync.outbrain.com
5 KB
5 instana.io
eum.instana.io
eum-eu-west-1.instana.io
10 KB
4 creativecdn.com
creativecdn.com
1 KB
4 unpkg.com
unpkg.com
10 KB
4 googletagservices.com
www.googletagservices.com
141 KB
4 google.ch
adservice.google.ch
1 KB
3 technoratimedia.com
sync.technoratimedia.com
584 B
3 contextweb.com
bh.contextweb.com
2 KB
3 w55c.net
pm.w55c.net
2 KB
3 nr-data.net
bam.eu01.nr-data.net
606 B
3 jsdelivr.net
cdn.jsdelivr.net
4 KB
3 ml314.com
ml314.com
in.ml314.com
14 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
62 KB
3 google.de
www.google.de
692 B
2 admedo.com
pool.admedo.com
709 B
2 avct.cloud
ads.avct.cloud
894 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
976 B
2 de17a.com
d5p.de17a.com
637 B
2 yimg.com
s.yimg.com
87 KB
2 1rx.io
sync.1rx.io
421 B
2 360yield.com
ad.360yield.com
617 B
2 smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
1 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 quantserve.com
pixel.quantserve.com
939 B
2 districtm.io
dmx.districtm.io
380 B
2 cloudflare.com
cdnjs.cloudflare.com
112 KB
2 facebook.com
www.facebook.com
162 B
2 omappapi.com
a.omappapi.com
api.omappapi.com
57 KB
2 facebook.net
connect.facebook.net
98 KB
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
287 B
1 postrelease.com
jadserve.postrelease.com
544 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 onaudience.com
pixel.onaudience.com
400 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 rfihub.com
p.rfihub.com
747 B
1 emxdgt.com
cs.emxdgt.com
1 33across.com
ssc-cms.33across.com
1 zemanta.com
b1sync.zemanta.com
288 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 2mdn.net
s0.2mdn.net
17 KB
1 adpaths.com
play.adpaths.com
43 KB
1 adlooxtracking.com
p.adlooxtracking.com
665 B
1 newrelic.com
js-agent.newrelic.com
15 KB
1 taboola.com
sync.taboola.com
376 B
1 videoadex.com
ads.videoadex.com
238 B
1 netdna-ssl.com
encraveimg-yowgo.netdna-ssl.com
1 KB
1 btloader.com
btloader.com
5 KB
1 webcontentassessor.com
scripts.webcontentassessor.com
18 KB
1 id5-sync.com
cdn.id5-sync.com
7 KB
1 googletagmanager.com
www.googletagmanager.com
64 KB
1 criteo.net
static.criteo.net
38 KB
1 polyfill.io
polyfill.io
531 B
1 permutive.com
cdn.permutive.com
261 KB
1 indexww.com
js-sec.indexww.com
47 KB
1 t.co
t.co
472 B
0 adroll.com Failed
d.adroll.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
437 92
Domain Requested by
43 www.itpro.co.uk t.co
www.itpro.co.uk
22 s1.adform.net scripts.webcontentassessor.com
18 securepubads.g.doubleclick.net www.itpro.co.uk
securepubads.g.doubleclick.net
t.co
www.googletagservices.com
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
imasdk.googleapis.com
15 rtb.gumgum.com 1 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
15 www.ultimedia.com www.itpro.co.uk
www.ultimedia.com
15 fonts.googleapis.com www.itpro.co.uk
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
14 cm.g.doubleclick.net 10 redirects eu-u.openx.net
rtb.gumgum.com
eus.rubiconproject.com
www.itpro.co.uk
13 www.google-analytics.com www.itpro.co.uk
www.google-analytics.com
www.googletagmanager.com
11 x.bidswitch.net 11 redirects
11 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
ssum-sec.casalemedia.com
ap.lijit.com
11 fonts.gstatic.com fonts.googleapis.com
10 tpc.googlesyndication.com scripts.webcontentassessor.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
www.itpro.co.uk
9 simage2.pubmatic.com ads.pubmatic.com
9 match.prod.bidr.io 9 redirects
8 dt.adsafeprotected.com
8 sync-tm.everesttech.net 5 redirects rtb.gumgum.com
ads.pubmatic.com
www.itpro.co.uk
7 track.adform.net scripts.webcontentassessor.com
www.itpro.co.uk
s1.adform.net
7 match.adsrvr.org 2 redirects js-sec.indexww.com
eu-u.openx.net
eus.rubiconproject.com
ssum-sec.casalemedia.com
www.itpro.co.uk
6 sync.mathtag.com 6 redirects
6 ib.adnxs.com 4 redirects www.itpro.co.uk
6 medialb.ultimedia.com
6 adservice.google.com securepubads.g.doubleclick.net
www.ultimedia.com
6 pixel.adsafeprotected.com www.itpro.co.uk
scripts.webcontentassessor.com
6 www.google.com 1 redirects tpc.googlesyndication.com
www.itpro.co.uk
5 ce.lijit.com ap.lijit.com
5 cdn.ampproject.org scripts.webcontentassessor.com
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 dig.ultimedia.com www.ultimedia.com
5 eu-u.openx.net js-sec.indexww.com
eu-u.openx.net
u.openx.net
5 c2shb.ssp.yahoo.com www.itpro.co.uk
5 pagead2.googlesyndication.com www.itpro.co.uk
tpc.googlesyndication.com
srcdoc
5 c.amazon-adsystem.com www.itpro.co.uk
c.amazon-adsystem.com
4 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
4 pixel.rubiconproject.com eus.rubiconproject.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 creativecdn.com 3 redirects www.itpro.co.uk
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 us-u.openx.net 1 redirects eu-u.openx.net
u.openx.net
4 bidder.criteo.com www.itpro.co.uk
static.criteo.net
4 secure.adnxs.com 2 redirects www.itpro.co.uk
4 unpkg.com 2 redirects www.ultimedia.com
4 eum-eu-west-1.instana.io eum.instana.io
4 www.googletagservices.com scripts.webcontentassessor.com
securepubads.g.doubleclick.net
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
4 adservice.google.ch securepubads.g.doubleclick.net
3 sync.technoratimedia.com u.openx.net
rtb.gumgum.com
ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 pm.w55c.net 3 redirects
3 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
3 bam.eu01.nr-data.net www.ultimedia.com
3 ngs30c.digiteka.net
3 3pd.criteo.com www.itpro.co.uk
3 cdn.jsdelivr.net www.ultimedia.com
3 t.skimresources.com www.itpro.co.uk
3 www.google.de
3 stats.g.doubleclick.net www.itpro.co.uk
3 itpuk-mms.itpro.co.uk www.itpro.co.uk
itpuk-mms.itpro.co.uk
2 pool.admedo.com 2 redirects
2 ads.avct.cloud 2 redirects
2 d5p.de17a.com 2 redirects
2 static.adsafeprotected.com scripts.webcontentassessor.com
www.itpro.co.uk
2 s.yimg.com scripts.webcontentassessor.com
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 sync.outbrain.com 1 redirects rtb.gumgum.com
2 a.volvelle.tech 2 redirects
2 ups.analytics.yahoo.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
ssum-sec.casalemedia.com
www.itpro.co.uk
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 pixel.quantserve.com 2 redirects
2 medialb.digiteka.net www.ultimedia.com
2 imasdk.googleapis.com www.ultimedia.com
2 as-sec.casalemedia.com www.itpro.co.uk
2 dennis-d.openx.net 1 redirects
2 ap.lijit.com www.itpro.co.uk
aax-eu.amazon-adsystem.com
2 dmx.districtm.io www.itpro.co.uk
2 htlb.casalemedia.com www.itpro.co.uk
2 cdnjs.cloudflare.com www.ultimedia.com
2 tr.outbrain.com amplify.outbrain.com
2 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 r.skimresources.com 1 redirects
2 p.skimresources.com
2 www.facebook.com connect.facebook.net
2 ml314.com t.co
ml314.com
2 connect.facebook.net t.co
connect.facebook.net
1 jadserve.postrelease.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 eu-central-1-web.ssp.yahoo.com scripts.webcontentassessor.com
1 service.idsync.analytics.yahoo.com scripts.webcontentassessor.com
1 googleads.g.doubleclick.net www.itpro.co.uk
1 p.rfihub.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 ssc-cms.33across.com rtb.gumgum.com
1 ssbsync.smartadserver.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 rtb-csync.smartadserver.com 1 redirects
1 u.openx.net aax-eu.amazon-adsystem.com
1 s0.2mdn.net www.ultimedia.com
1 play.adpaths.com www.ultimedia.com
1 p.adlooxtracking.com www.ultimedia.com
1 js-agent.newrelic.com www.ultimedia.com
1 sync.taboola.com 1 redirects
1 hbopenbid.pubmatic.com www.itpro.co.uk
1 ads.videoadex.com www.ultimedia.com
1 encraveimg-yowgo.netdna-ssl.com www.googletagmanager.com
1 amplify.outbrain.com t.co
1 in.ml314.com ml314.com
1 vars.hotjar.com static.hotjar.com
1 btloader.com www.googletagmanager.com
1 api.omappapi.com www.itpro.co.uk
1 script.hotjar.com static.hotjar.com
1 s.skimresources.com www.googletagmanager.com
1 scripts.webcontentassessor.com www.googletagmanager.com
1 cdn.id5-sync.com www.googletagmanager.com
1 a.omappapi.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 gum.criteo.com static.criteo.net
1 eum.instana.io www.itpro.co.uk
1 www.googletagmanager.com www.itpro.co.uk
1 api.rlcdn.com js-sec.indexww.com
1 static.criteo.net js-sec.indexww.com
1 polyfill.io www.itpro.co.uk
1 cdn.permutive.com www.itpro.co.uk
1 cdn.adsafeprotected.com www.itpro.co.uk
1 js-sec.indexww.com www.itpro.co.uk
1 media.itpro.co.uk www.itpro.co.uk
1 t.co
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 pixel-sync.sitescout.com Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 tg.socdm.com Failed rtb.gumgum.com
0 match.deepintent.com Failed rtb.gumgum.com
0 sync.ipredictive.com Failed rtb.gumgum.com
0 sync.srv.stackadapt.com Failed rtb.gumgum.com
437 150
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
graphql.autoexpress.co.uk
Amazon		 2021-06-22 -
2022-07-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
aex-mms.autoexpress.co.uk
R3		 2021-06-15 -
2021-09-13		 3 months crt.sh
s3-san.cloudinary.com
R3		 2021-04-30 -
2021-07-29		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adsafeprotected.com
Amazon		 2020-08-19 -
2021-09-18		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2021-03-02 -
2022-03-01		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-24 -
2021-12-25		 a year crt.sh
*.ultimedia.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-31 -
2022-03-05		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
a.omappapi.com
R3		 2021-06-03 -
2021-09-01		 3 months crt.sh
cdn.id5-sync.com
R3		 2021-05-28 -
2021-08-26		 3 months crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-01-27 -
2022-02-28		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
api.opmnstr.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-06 -
2021-10-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.google.ch
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.videoadex.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-02 -
2022-03-05		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2021-06-28 -
2021-09-26		 3 months crt.sh
*.digiteka.net
Sectigo RSA Domain Validation Secure Server CA		 2020-12-14 -
2022-01-14		 a year crt.sh
*.eu01.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-04 -
2022-02-08		 2 years crt.sh
*.adpaths.com
Amazon		 2021-03-04 -
2022-04-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-06-23 -
2021-08-04		 a month crt.sh
static.adsafeprotected.com
Amazon		 2020-10-03 -
2021-11-03		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh

This page contains 48 frames:

Primary Page: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Frame ID: 04C5BDE0151B97B60CF0DAD0773C73F7
Requests: 202 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.itpro.co.uk&gdpr=0&gdpr_consent=
Frame ID: 0694E511CC7CCB353C6979D93BDDEC11
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 4B49CFC28615D3B82D948FA0BAB50709
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.6793129102233211
Frame ID: ED784C75ED0A87B61671C672B3546F35
Requests: 1 HTTP requests in this frame

Frame: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6F2A396ABE4F3DA5AE2F43C618FBCD8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu98r1sK7l49cW_FyPCvvhSOCDP1i_5-sVrmDUWIZgGnMSxVk23rO3zMGgdBZAAYGX8I6ef9R5E6HQ3_U-9iqjNoNXT5PPnSEcsZZzjxVxPjBNBgenPe_nqlPP1PusHlsYXgpa9L5Y8kdXt7AvcTDlP2GnqDfk8IB8mFX-bUNaqA-ftpn7YP4LBO3s6svobJfNPF5pMuNvNQVtwArH912ae8gkueX8Dsux59p7JKp9eBCewy6r2Az_eDQf_v-Nh-GgBlXlbwSIQTRLKkeefm-AtSUXffTT2XvZcXmrWBuFbPo-mGjZw3Xv8162bR0QYp6c0wFGxHJN1eAqdavQ&sai=AMfl-YS8eVhURtj8Bx3hLGoN65TpuuS9sEPrcGN_Vh2jc0kx2lyz9W-H0gr3EqErqRluCjAbkHw0Y8xJHC9hSGpfGCv4Dw3mNHCirRgCKLj4bd3dF8PT8vP67mxHt5Vt-AoD&sig=Cg0ArKJSzEhpt-FOAXbYEAE&adurl=
Frame ID: 50EF590EBA93CBD12719785172E64A87
Requests: 7 HTTP requests in this frame

Frame: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Frame ID: D9F614FB7E681584EB3CD84246716EC3
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5B8B4BC4D4E53643444CFF9E5AE188DE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5B23D2D95879B9179E1B914D9AEDE5A
Requests: 1 HTTP requests in this frame

Frame: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07D0D4E62163274CD41AF67B5C30F4C5
Requests: 23 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Frame ID: 649EEDDAF7D0E92C50798C6216130C09
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 5B00B65FB3F886B8D0DB52454C0D737A
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: 92852EAF39DAD16DA2AD6B641342BEC0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Frame ID: 6821413DEA5F5503AFE705F3E98F2F17
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3DADE24753893278735424B684F9827A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: D550709BE547D9D3811B268B5DB84DB2
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 1C6991A66C773F9245466FAEB8D3501F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: 61AB7BF126273F589B880E519A3B423A
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: F7E80F2022E86199AEF619C912E6B2A0
Requests: 12 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0
Frame ID: 2CC1D66FE31A45560AB3781A6880CE03
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: A811FE4D355E1717E645F8DCACDA8740
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=districtm&gdpr=0
Frame ID: 1AEA906B47053E52EB1C88C291E65022
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=appnexus.com&gdpr=0
Frame ID: A1E7B566E7859AC3722157AE213C5E9E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: CE88443B34DD67A5C01232C19639273A
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
Frame ID: 975515B06C07D0787282AEBBC609B180
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
Frame ID: 37918C95166B192F84ACEF8343763516
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZWQ0MjlhZi00ZDdmLTQ2MzMtYWU3NC0wYjkwYmYwOGI3YjM=&gdpr=0&gdpr_consent=
Frame ID: 2B9B04F70415EB596141B44CFD29477E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8D564EB6A274541E50CD450ACB020E4B
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 38DDA99E856AC9E1B6BD33CE10DF7049
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
Frame ID: 5A7F444C66AFB6746A0C185C486627C4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 7FDF5198616AFB591D7B970310214FA5
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 1798476F36F1240362B42E4FC9CAC3F4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739027945780747
Frame ID: 8547AB9FF562BB440381E49DC09298D6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
Frame ID: 97D3AE10F52F8BB32C1D77C4A27BA11F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Frame ID: DE30920A3A72578BF9AE901F22735577
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXS5YYOxlArnIcWN9QccQT2x6hKM8G3LyV_4_9RT58OobOKlqzoXmVWwHT6dsT8_PXRAge2C2xxOx1zw-Ta9DZFRDZyDUaBBx-g5F1pnmRj8BAXRXMAHsas-3Z8y5COg7LVCYaYM2eSaFLqTiu3uZA1HDZkRWkL4FvoJHCQ1Y6wqRHHO5ctfuy30kLp0tASjfeKg3iXJAI_u02On1HElxexoH0cpZ4ri6nWkKiab64oM2toKF6cRaAWlYC9o7UnAFwxb2cNjblHnNuUFXwwhEsdgm3c2v0ANxwZ3Df6-vfn0Yf3E3casMqmjfZqBT8ctZBs-4Jc9uUnt5RbiRo2f0&sig=Cg0ArKJSzInp-TD42dc0EAE&urlfix=1&adurl=
Frame ID: 2CDF4334639E25164C60A6F1C2746F0D
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=47244941;rtbwp=4.646535;rtbdata=VScbB5JZwQYUfnZx0tc2oQfvoWxedkaEBXZ15jTD_11oYv1X4eA_IiUj5btkpEZ0G2Y2UDgDIImgXq9iJgtaS0HHuaqghoCmL1yDLGT21ONjs3LzooiWllVlnH2CEwiezKKyxesIzqCvhRfEtqUPHmZi6Hpn5ZF6T9QMH240rTHbFbdzkOqstj_Nm4-C4gaSbOaB52-xldskPTIgj7LJ_ejGeWH89bNVJ0DQRIl3PLqwGuU78YVK-BjVS3AwzcKbDnOsQ84Aez0A41n_PKKfqdCbdH8FlFd2-Wl__8ZlO7h1JNsjRdNvK8s-6YWf9XROsb0xWde9PHO_J7_QTDWbwMN-1gsNOJHV4UFuhV40q881
Frame ID: 0D7AB846F4B69CEAB14B79F764261D32
Requests: 25 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931015&campId=300x250&pubId=4949190943&chanId=22446486311&placementId=5546725408&pubCreative=138331919016&pubOrder=2779437835&cb=2047563928&adsafe_par&impId=&custom=right_1&custom2=article&custom3=it-pro&custom4=&custom5=
Frame ID: EA1965E2FA75BE135ED059465DC85554
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 28927D1C2151958702F0D3D106ECC90F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=18F41E3D-ABD2-4CEA-860D-A88018DD394B
Frame ID: 531A8C546C60EC07C5F3CF14A57DCBA7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
Frame ID: E7711916226664293643E88542D64E0B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 1AD569BDF460D5B536985D0214463403
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
Frame ID: 3CF16A6371B9E4B82C316ED9B21AE40F
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1
Frame ID: 88B3D54CF066B1EBA78C32EF5E6334BB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: EDA6413EDE69033F016D9D9651E33337
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: ED3074CFBF3C762F6FAEF92933528AA4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=18F41E3D-ABD2-4CEA-860D-A88018DD394B&ex=pubmatic.com
Frame ID: 78C975B031C46FECE11DB30A3E71FBEA
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2040633/9865693/9865693.js?ADFassetID=9865693&bv=257
Frame ID: 2E8BE694F736BC982E2A0066ECB4A423
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.co/0u0PXZrkTP Page URL
  2. https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-mal... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

437
Requests

95 %
HTTPS

30 %
IPv6

92
Domains

150
Subdomains

107
IPs

10
Countries

4017 kB
Transfer

12436 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/0u0PXZrkTP Page URL
  2. https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F9C55Q50SYYM2H87XT6SYKTW&persistence=1&checksum=308d936e4bc3702e782ab2984c5102e25470b857b4605db84e201c6b4c0e3738
Request Chain 168
  • https://unpkg.com/@silvermine/videojs-quality-selector/dist/css/quality-selector.css HTTP 302
  • https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css
Request Chain 172
  • https://unpkg.com/@silvermine/videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP 302
  • https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js
Request Chain 188
  • https://dennis-d.openx.net/w/1.0/arj?auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&jr=https%3A%2F%2Ft.co%2F&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._lUtZGE1x&cache=1624979463992&ttduuid=c98e1ae0-597c-4d14-8f74-2b18e892634c&gdpr_consent=&gdpr=0&us_privacy= HTTP 302
  • https://dennis-d.openx.net/w/1.0/arj?cc=1&auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&jr=https%3A%2F%2Ft.co%2F&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._lUtZGE1x&cache=1624979463992&ttduuid=c98e1ae0-597c-4d14-8f74-2b18e892634c&gdpr_consent=&gdpr=0&us_privacy=
Request Chain 192
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Request Chain 221
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2f3pd.criteo.com%2fuser-sync%2fmatch%3fp%3diNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&ccpa= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2F3pd.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DiNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q%26u%3D%24%7BUSER_ID%7D&gdpr=false&consent=&ccpa=&_bee_ppp=1 HTTP 303
  • https://3pd.criteo.com/user-sync/match?p=iNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q&u=AAB3qU7BtnAAADaFrkQOoA&gdpr=false
Request Chain 222
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2f3pd.criteo.com%2fuser-sync%2fmatch%3fp%3dFLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa= HTTP 302
  • https://3pd.criteo.com/user-sync/match?p=FLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE&u=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88
Request Chain 247
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5e5160db-3809-4400-a007-2f4030536b73
Request Chain 248
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rm7T0atmh4u1P4-B_Wqag6hsgYq1ONbW_m-5l2gm
Request Chain 249
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5335556453911362704
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHJ_e9zI9yIli_cDsOIdWxw&google_cver=1
Request Chain 265
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=districtm&gdpr=0
Request Chain 266
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=appnexus.com&gdpr=0
Request Chain 271
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8Cde0X0j1LYfod5
Request Chain 272
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=6052f4ee-8ca0-4efb-9eb7-56dcae4a00d8&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=512e0949-b22d-4252-8e93-840d339e41a5
Request Chain 273
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3796571410758066839
Request Chain 274
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCM3FVN0J0bkFBQURhRnJrUU9vQQ&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB3qU7BtnAAADaFrkQOoA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Csyn%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB3qU7BtnAAADaFrkQOoA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1789915405922152302 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB3qU7BtnAAADaFrkQOoA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dsyn%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=1789915405922152302&bee_sync_partners=syn%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB3qU7BtnAAADaFrkQOoA&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D5
Request Chain 277
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3796571410758066839
Request Chain 278
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=512e0949-b22d-4252-8e93-840d339e41a5
Request Chain 279
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&obuid=ENC(H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b)
Request Chain 280
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=2c2ef387-35f8-05d7-2be4-9352480cb5c1
Request Chain 282
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-5olcS4dE2pf3UZw_7EOpziOpFERo00DRLS6L~A
Request Chain 286
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 287
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=4d0477c8-493f-4834-919c-97243ccce6f9
Request Chain 288
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 289
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=SYMw3lgFlBac&ev=1&pid=558355
Request Chain 290
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=4452596173672099665&gdpr=1&gdpr_consent=
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
Request Chain 293
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
Request Chain 300
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=875739027945780747
Request Chain 301
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
Request Chain 312
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 343
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQI6TGX4-4-IDSX&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAoRDZ2TmJoqOxYJSOKvup4&google_cver=1
Request Chain 347
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJNlRHWDQtNC1JRFNY&gdpr=0
Request Chain 348
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQI6TGX4-4-IDSX&sigv=1&esig=2~85602aca843e4aaaac1b56289a40844cf7591df7&gdpr=0
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Request Chain 351
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=YNs4DAACTR7i8QA4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YNs4DAACTR7i8QA4&gdpr=0&_test=YNs4DAACTR7i8QA4
Request Chain 352
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DcSMIFDISpEpPHaqaeBtDg?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1511715280789492473
Request Chain 357
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
Request Chain 358
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 359
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
Request Chain 360
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1
Request Chain 361
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 362
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GPQePavSTOqGDaiAGN05Sw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e5160db-3809-4400-a007-2f4030536b73
Request Chain 366
  • https://pixel.onaudience.com/?partner=214&mapped=18F41E3D-ABD2-4CEA-860D-A88018DD394B HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a4428cec88ff1aec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zcluid=a4428cec88ff1aec&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zcluid=a4428cec88ff1aec&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN3ZfBuIDXgiFXviATL0l9o&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zcluid=a4428cec88ff1aec&zdid=1332
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5335556453911362704
Request Chain 368
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Request Chain 369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c98e1ae0-597c-4d14-8f74-2b18e892634c
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFHQ5vVtJ2K3I8LHoC-X5yk&google_cver=1
Request Chain 371
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3796571410758066839&gdpr=0&gdpr_consent=
Request Chain 374
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTTPi9AA4
Request Chain 375
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V_b1q1L-ofFMp6n7BPK8-VH0p_BMoPCsB_epflZQ
Request Chain 376
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=27f13dea-13b4-4271-8fe3-712877e1854e&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eadffb38-933c-46fc-bfa5-18dcddb29e2a&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 377
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4383735470885525119&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 383
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNs4CD6PnFRWnhwQx6OEPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIj3h22EpkbmzxEXgL89tfw&google_cver=1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNs4CD6PnFRWnhwQx6OEPgAABLYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECJJYeNX78HcS12PjAsz8fo&google_cver=1
Request Chain 387
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625065867
Request Chain 388
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5&C=1
Request Chain 393
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=90&3pid=9fade4a3-231a-49c1-87e3-287777aef6e2&gdpr=0&gdpr_consent=
Request Chain 394
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=3df58d26135d68fa6661dbc5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Request Chain 395
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0920091c-18b3-4d13-9116-eaa59d13594f&user_group=1&ssp=fmx&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=0920091c-18b3-4d13-9116-eaa59d13594f&user_group=1&ssp=fmx&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=eadffb38-933c-46fc-bfa5-18dcddb29e2a
Request Chain 396
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=3796571410758066839&gdpr=0&gdpr_consent=
Request Chain 397
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=SYMw3lgFlBac&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 401
  • https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTR-i9gA4
Request Chain 402
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Request Chain 403
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
Request Chain 404
  • https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/56554/sync?uid=8Cde0X0j1LYfod5&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=8Cde0X0j1LYfod5&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
Request Chain 405
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://pixel.advertising.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Request Chain 406
  • https://trc.taboola.com/sg/marketplaceaol-ssp-network/1/rtb-h?taboola_hm=1 HTTP 302
  • https://match.taboola.com/sg/marketplaceaol-ssp-network/1/rtb-h?taboola_hm=1&tbid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&query=taboola_hm%3D1&isDirect=0 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Request Chain 407
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=nexage_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=&_origin=0 HTTP 302
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1&apid=UP3bbf5b41-d8ec-11eb-b6c1-0ea9e8b5cbaf
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZTJRQWJoRTJ1RzdwcHA0dFljSS5LZlpPbEliUEZOen5B&gdpr=0&gdpr_consent=&_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0

437 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0u0PXZrkTP
t.co/ 		524 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/0u0PXZrkTP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0e0531da52ec3d85b2cdcbe832bb619574e63c8ea9d9ebdec448d1ec42aac70b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/0u0PXZrkTP
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:00 GMT
vary
Origin
server
tsa_o
expires
Tue, 29 Jun 2021 15:16:01 GMT
set-cookie
muc=49c9d1ac-2b8d-4f21-9349-593e593aacf9; Max-Age=63072000; Expires=Thu, 29 Jun 2023 15:11:01 GMT; Domain=t.co; Secure; SameSite=None
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
251
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-connection-hash
8d7431188985eac54cd1779bd8846feb263998cd70f668ef1c04d0bf06b1bba5
Primary Request windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
www.itpro.co.uk/security/zero-day-exploit/359823/ 		442 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
7b5bbf69b7065c52a10340ab1d21a1176079701e32f4ceb55b7d80a1d3646dd1

Request headers

:method
GET
:authority
www.itpro.co.uk
:scheme
https
:path
/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://t.co/

Response headers

content-type
text/html; charset=utf-8
content-length
60666
date
Tue, 29 Jun 2021 15:11:01 GMT
set-cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; Expires=Tue, 06 Jul 2021 15:11:01 GMT; Path=/ AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; Expires=Tue, 06 Jul 2021 15:11:01 GMT; Path=/; SameSite=None; Secure blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; Expires=Tue, 16 Nov 2021 15:11:01 GMT; Path=/; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678; Expires=Mon, 30 Oct 3020 15:11:01 GMT; Path=/;
link
<https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=prefetch, , <https://fonts.gstatic.com>; rel=preconnect; crossorigin=anonymous, <https://polyfill.io>; rel=preconnect; crossorigin=anonymous, <https://ib.adnxs.com>; rel=preconnect; crossorigin=anonymous, <https://match.adsrvr.org>; rel=preconnect; crossorigin=anonymous, <https://stats.g.doubleclick.net>; rel=preconnect; crossorigin=anonymous, <https://cdn.permutive.com>; rel=preconnect; crossorigin=anonymous, <https://eum.instana.io>; rel=preconnect; crossorigin=anonymous, <https://www.google-analytics.com>; rel=preconnect; crossorigin=anonymous, <https://media.itpro.co.uk>; rel=preconnect; crossorigin=anonymous
server
nginx/1.19.0
server-timing
intid;desc=8308849df66faed4
x-powered-by
Express
cache-control
no-cache, no-store, no-transform
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
xld82nOP3OScYJHKRS5EvRBMfbVubp1Nj3R1ldlyyPONtwBncTC_yA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"915 / 944 of 1000 / last-modified: 1624965047"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24250
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:01 GMT
wrapperMessagingWithoutDetection.js
itpuk-mms.itpro.co.uk/ 		152 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itpuk-mms.itpro.co.uk/wrapperMessagingWithoutDetection.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-37.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca5fd7c380b11d2a3e892ba22641c5ecaa55cf0e9ea6854fad6ae77b9871622

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 23 Jun 2021 16:22:24 GMT
server
AmazonS3
age
1135
etag
W/"9ec40d1a4a01c889e08b612e01879eed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Tue, 29 Jun 2021 14:52:15 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tyDZC1W_by-BAKLUotoV8Aj7DvcaxNsoZ_UDuvWpo3LUejhxO7sMdA==
f8e51dfc1ea0df126d72.bundle.js
www.itpro.co.uk/assets/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/f8e51dfc1ea0df126d72.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
185be407cf0ef94458374a523394a92c7badcfafb064500673700fab881a7106

Request headers

:path
/assets/f8e51dfc1ea0df126d72.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:35 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448286
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
q9w4hah2tg0Bbv0XHYKOC10FySj5UtQDILH1sW3ST-O2Q0Vd-xdpaw==
f575a2a12bd62e8b337c.bundle.js
www.itpro.co.uk/assets/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/f575a2a12bd62e8b337c.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
afe59f5429b4e4e2380d1d540fbdb4968a5b9a0537b96a86537bd461fb7264e4

Request headers

:path
/assets/f575a2a12bd62e8b337c.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
TIWvfoOhOCXCUYNqAoMHznPtJePZKVe0ieN23NybC5vQWsKGeblOZQ==
c44d1f561492d1fe467a.bundle.js
www.itpro.co.uk/assets/ 		97 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/c44d1f561492d1fe467a.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
79813ae92270de7d2a48077ce9b4c19b6dfd29c6c1fa4cfbcb449b2eac8d848b

Request headers

:path
/assets/c44d1f561492d1fe467a.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:56 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448265
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
JpQqp6nud4HQ-ARfRBjhcV2wSOsPvt-mMtOki4w2xQlyBlnzXFtxfw==
bce56b6202746bc095e5.bundle.js
www.itpro.co.uk/assets/ 		78 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/bce56b6202746bc095e5.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
4515371f4fda6ee80d72cd3112a682a7b55293222bc8bcb998d8d44b9964a8af

Request headers

:path
/assets/bce56b6202746bc095e5.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
MYpIyYxcpAMC9XtpH7Dt42bYHt1LUPBAm-mrzpowwKbsaCK4aLp1Jw==
d5b68b54811cff037923.bundle.js
www.itpro.co.uk/assets/ 		171 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/d5b68b54811cff037923.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
071f8506c58b996414da5dc93d1151f045b7c68d23833c7eb801cb1273634175

Request headers

:path
/assets/d5b68b54811cff037923.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448272
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
BWdsx0lCs9QalSzLMCspOkDFBXWj4sBgWZ9omp7tcs1xgdTaGLhUgw==
2855eb09c2c754892ef7.bundle.js
www.itpro.co.uk/assets/ 		58 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/2855eb09c2c754892ef7.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
4dd7b23c2f03081eeb1c92ebdd1278ce3ab8ca780e6f3fd73cee964284092b02

Request headers

:path
/assets/2855eb09c2c754892ef7.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
VqwOXD0fKQA1b0uTLWFTO6CaqdjpYtlUYZmZLCQoLarTL7twrN5ihw==
ce721f80441529d4bbff.bundle.js
www.itpro.co.uk/assets/ 		117 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/ce721f80441529d4bbff.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
9b68d9ddbaa7176e3b0900cea32917bdd480a862ca53f62e6d5dd1e3ac283756

Request headers

:path
/assets/ce721f80441529d4bbff.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:13 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448308
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
wV35o9P5Olg1MM6xurG3C5Z2NnL_Ye16RxcGVuzEnVGhQkHBwkdMDQ==
a1606c5d08311bd8b569.bundle.js
www.itpro.co.uk/assets/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/a1606c5d08311bd8b569.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
dbad73e6a578591bc1ddf85541c17790aefb8a1a133cf35a62c2a4c2bc012051

Request headers

:path
/assets/a1606c5d08311bd8b569.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
L58lPOEmhaE7NDC7SC67Nlqm4MNM4CkhHPf486IrARQUN4JEoKgMHw==
62fdfd13d72fb42af8e2.bundle.js
www.itpro.co.uk/assets/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/62fdfd13d72fb42af8e2.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
3903f8ff24b1fbbbd567fe21a347a374ab411ea154247573e148afd6d514ea32

Request headers

:path
/assets/62fdfd13d72fb42af8e2.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
RWKzc42JiengrNgf7FGAYv06_XZz9EhR1Cp4SliTifgPjQ8Gmuv4jw==
f2cbd7b2da4ae76b3947.bundle.js
www.itpro.co.uk/assets/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/f2cbd7b2da4ae76b3947.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
147af9ba32c602c6c199ded59ac56c2006270c804573793173fd7cceefd010a9

Request headers

:path
/assets/f2cbd7b2da4ae76b3947.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
QY5zqfcwpKYUv-9xb_AW9RXmG9AIlAEcvsgeMwrzMkcjjvkTjfFNWw==
69b85b583727ce0f5c49.bundle.js
www.itpro.co.uk/assets/ 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/69b85b583727ce0f5c49.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
ac238ac5b6da944771cfebfb30ba45dae84cc12fe7c2e32308905cb3cf49e149

Request headers

:path
/assets/69b85b583727ce0f5c49.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
lf7yyxcBKINSK_z8UHzyz9wQTjC9WO2u6Xx4N0HYc5GmaENvd4RVjg==
2dd4423c0ed0e4f35f90.bundle.js
www.itpro.co.uk/assets/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/2dd4423c0ed0e4f35f90.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
ee7c31d8dc3e1ad590cd8d0e241f4fe41a8b04d618ffb75b56277f4cab146284

Request headers

:path
/assets/2dd4423c0ed0e4f35f90.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
oijwG18bWoioM2spSuhtM5M8Wslf4QvL6VLWxnwL9D5gEFBxZZs7Rw==
5444d0a1859fb19ceaf3.bundle.js
www.itpro.co.uk/assets/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/5444d0a1859fb19ceaf3.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
fbdaf6e2fdf2aede3bc345aa91910b3e79254f10c9756e8bddac7d111c855f1c

Request headers

:path
/assets/5444d0a1859fb19ceaf3.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 19:50:50 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 05:19:44 GMT
server
nginx/1.19.0
age
674411
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=1acfcacdbd7e3a07
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
RuVHfJQuc7RgfDiJXZySacX-48ZB_jJml6bUBrssJwQI5aOb4X7gGA==
72ca6280e1ad9d5d193e.bundle.js
www.itpro.co.uk/assets/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/72ca6280e1ad9d5d193e.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
dcc5053a980e30219210fb2396a3e2995df66e9c6b9d1d5d27b21802570c5248

Request headers

:path
/assets/72ca6280e1ad9d5d193e.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
laZRRwDuhJd1iBvMpm-wL0T_3SsK1YoywEzEqQ50sne5t6UImmJl9g==
8861b931c0124676275a.bundle.js
www.itpro.co.uk/assets/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/8861b931c0124676275a.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
e2f0fef86bbc1dc648c9733599f33d16de760256589f6d64a92cb9ac98fae138

Request headers

:path
/assets/8861b931c0124676275a.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
xHtykw-4La8XvhoZvXJOMHj3uH8loM8ccg4w4X5CBBiZ2QNxQCWIqg==
032cdc781eb94d35b90c.bundle.js
www.itpro.co.uk/assets/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/032cdc781eb94d35b90c.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
743ef5caa91e8dd7acd69c1716c60e7742fef311bff5f3c27db15235a64e8607

Request headers

:path
/assets/032cdc781eb94d35b90c.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
d4GhUR2AGLuZ9MsXGSMeZ2-vSmrYFit45t1nmWDF6wLeVkEVnXKcOg==
d49c893db2abde5297ce.bundle.js
www.itpro.co.uk/assets/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/d49c893db2abde5297ce.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
ecccd749a4cae19b5aed65d5412e5a2e342a0cdf21183ddd7c8b0ea3bc3c611f

Request headers

:path
/assets/d49c893db2abde5297ce.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
TvCNNiwCMEMJ7ULDsSBlzwlohNLRpgMKy4hr2MqbOHjoSeYGszsnmQ==
5a7f44e9d4e30d025f9f.bundle.js
www.itpro.co.uk/assets/ 		170 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/5a7f44e9d4e30d025f9f.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
ed2e71cda88845fbb19173cff18433d3ce7a1fce9aec515685382a6a72579ab5

Request headers

:path
/assets/5a7f44e9d4e30d025f9f.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
lcXxx4o2VfDiEoSTxhvSDYYSYCC6_u09xpITZaLGQuG8QEj3whpBsA==
768c90e17bc9fc443a2b.bundle.js
www.itpro.co.uk/assets/ 		114 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/768c90e17bc9fc443a2b.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
a9c6d5f1b83309ee53a45ee80141cd6e4806e7b0a1a5a347640485cb0c382d2f

Request headers

:path
/assets/768c90e17bc9fc443a2b.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:13 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448308
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
ImYUyEhcX9awZvSyGWHQwZzJeEcTAHpR5Sb4hRMNy64pvwtsiSX9yQ==
3bdac129ce3ae4cb861c.bundle.js
www.itpro.co.uk/assets/ 		100 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/3bdac129ce3ae4cb861c.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
7aa5c49dcc7e10403ad4f0df50f437e432039092d96851bab3cbe80a11eff6d7

Request headers

:path
/assets/3bdac129ce3ae4cb861c.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
sqpzoJ8kgvXg7ZY0rit_tvoyeaFUmhXr33QffHWrpMeP9cIIBFSQ5g==
c818878123401764ae48.bundle.js
www.itpro.co.uk/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/c818878123401764ae48.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
10141d430afbc671ca223a21f4ce131bd63132e37a7b09d90c3174838a5466c1

Request headers

:path
/assets/c818878123401764ae48.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
5O9F_w7W98GBa4Z7oCw6GsFQ2s2QN1_uM6mITlw-8a2Wx7mwAo_nWA==
87a6db53db6c9ea58adc.bundle.js
www.itpro.co.uk/assets/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
190aabd362fd22427a4279865e395cda5dc026f8b277f37ab390dfa97cccee74

Request headers

:path
/assets/87a6db53db6c9ea58adc.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
NhtcqwzD14sQpXIMTFo6K2DrgGSebpvRp8mL3aRCvTW8fLCdRJQhhA==
edde1fd1b722e2ae0bfe.bundle.js
www.itpro.co.uk/assets/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/edde1fd1b722e2ae0bfe.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
709d9150839a787a4fee7a8b72fdf4e1942b7ef7890d44cd57c5b24c92e7fc7e

Request headers

:path
/assets/edde1fd1b722e2ae0bfe.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
qTlIopvKE0jvVH5JHZu2bXu40Nvr6iFspwGqp9TWB2Opuo52beoT5Q==
9e6181287fd59902e3ea.bundle.js
www.itpro.co.uk/assets/ 		188 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/9e6181287fd59902e3ea.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
09dfe3ad69057ef63dc9872d0a738078e8b8601e78f94746a10420981f25bd8b

Request headers

:path
/assets/9e6181287fd59902e3ea.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
tYiusGD8hQZw9X0o_g7y9E0zHEK99NMa_uAltfaddLyBaAD0RKmeuQ==
bc2b9c3657991e904258.bundle.js
www.itpro.co.uk/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/bc2b9c3657991e904258.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
16da8ef11001f62f1edf810cf8cf5a020187a2ffac18324aef2c1ce59105937f

Request headers

:path
/assets/bc2b9c3657991e904258.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
i0PJXKuGgUqf0ubaacSAorGhzlLZnh5Jjjb5sS4DE_iXyOjRFGW_wA==
dc99fb6614a9a4cf6b21.bundle.js
www.itpro.co.uk/assets/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/dc99fb6614a9a4cf6b21.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
b157c5fe6cce20eb1865e471bae227e10030db3d2afbe6528a3da48d7b756a68

Request headers

:path
/assets/dc99fb6614a9a4cf6b21.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:14 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448307
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
9S0aRuZX_0EYO9vz1rWOEC03CUsULx3LIJr_k8fs9D8k4qdNzfywoA==
5af73faa96ba1e877ff2.bundle.js
www.itpro.co.uk/assets/ 		265 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/5af73faa96ba1e877ff2.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
20a0fb813bb15d803f180765297e4f546b6e1322b219c4511b8b435644e34a1c

Request headers

:path
/assets/5af73faa96ba1e877ff2.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 12:34:19 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 12:27:29 GMT
server
nginx/1.19.0
age
4070202
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
265
x-amz-cf-id
RAlECnafW5teMhoAr-D3rqXoQp25-K5RGF9UdEXiVSQ2YWdqAclbUg==
aba041b36ac6bae0090b.bundle.js
www.itpro.co.uk/assets/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/aba041b36ac6bae0090b.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
2c00ab62f3747eb796a085b53f1a48c0c23fb0c1e32e9123ed49d7d5bf38ce19

Request headers

:path
/assets/aba041b36ac6bae0090b.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:35 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448286
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
fZfyaC0tJcrigDVc_v4eT4LqPf47MfIVzIQRiLoBpZTvHcF_TrWb8g==
35699b3e4e62e0bc806b.bundle.js
www.itpro.co.uk/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/35699b3e4e62e0bc806b.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
38ff52a1e8900b85d56f5a1981aad5a8d1a5e84440ccba4f707b33918f499817

Request headers

:path
/assets/35699b3e4e62e0bc806b.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
0mxp6IW8hvgBZjzQ3Kxj2KTZEiMEpUmHodIeJZkMtEy0p4RETq-2QQ==
c7a8a8ac2ee340eadc86.bundle.js
www.itpro.co.uk/assets/ 		89 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/c7a8a8ac2ee340eadc86.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
4cec5f2e201b4965b272ed9f47ae44372bb2ac164b81a09df417a95476bcf5c6

Request headers

:path
/assets/c7a8a8ac2ee340eadc86.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
Xk5aCl2SswxzLwZT-s9tI7CFs7-XDiVfLryRknFQbJfl2ATg18UjBg==
cd959d1b1e47f74de067.bundle.js
www.itpro.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/cd959d1b1e47f74de067.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
c017bab41370a224411c9522e2581d2587ee27bda9ffc5e8a96d0640aa5fd7ce

Request headers

:path
/assets/cd959d1b1e47f74de067.bundle.js
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:39:04 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:33:56 GMT
server
nginx/1.19.0
age
448317
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
fz139i3lD8c5g31JUy3uuVzuF_sMaXbNUTx6JjhpURgQRlEaY_7-ug==
malware_shutterstock_1050436496.jpg
media.itpro.co.uk/image/upload/f_auto,t_primary-image-desktop@1/v1570816737/itpro/2019/02/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.itpro.co.uk/image/upload/f_auto,t_primary-image-desktop@1/v1570816737/itpro/2019/02/malware_shutterstock_1050436496.jpg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28f::1fd4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
27196b24a9d3ef46bf1bfde433c00173a8d79d4a6df3996be4bfd6c19884216e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Mar 2021 19:02:31 GMT
server
Cloudinary
etag
"c737bfbc79ba012fefc798fd3217c0b4"
vary
Accept,User-Agent
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
server-timing
akam;dur=22;start=2021-06-29T15:11:01.489Z;desc=miss,rtt;dur=4,cloudinary;dur=81;start=2021-06-29T15:03:11.923Z
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
89123
185497-238993787170978.js
js-sec.indexww.com/ht/p/ 		188 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/185497-238993787170978.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f76b4f414981d8d2903fe29620d617055716a0f833d343dc87027b87990f881d

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 15:10:29 GMT
Server
Apache
ETag
"90286a-2f1a5-5c5e901a57090"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3599
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 29 Jun 2021 16:11:01 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Jun 2021 17:38:59 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
509523
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
BpXPdnMMX5cGNQQgCyhkmWTD0437Ed_N1_hUrrM_nt039FrjBJwk3g==
logo-itpro.svg
www.itpro.co.uk/public/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/public/logo-itpro.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
a0997e5c82109ffbaff046440caf5cf3bbe893b4bf2e2de679fc2cb92488f963

Request headers

:path
/public/logo-itpro.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:59:15 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 11:35:55 GMT
server
nginx/1.15.9
age
8817106
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=37d7f0c442566b13
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
lPqK8Ij7ZfdhHp5PdqYKFZoHcgmHPxNfKnSorF-qPPT5fXoeJ-cE5A==
polaris-sprite.svg
www.itpro.co.uk/assets/ 		98 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/polaris-sprite.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
da1fb1625c502e9949efdd19f7470598a3b721bcb8724179a4c7c8778e763078

Request headers

:path
/assets/polaris-sprite.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 18:36:05 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 05:19:44 GMT
server
nginx/1.19.0
age
938096
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=ac9b54075b845ed4
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
MtM6WKd2hzOZCjbIKrMWUNu_416u_DgmLGQnmHfyMV-Jy8p_BzjY4A==
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
a697f95a8bf7db8231d0b9c1683577cd.svg
www.itpro.co.uk/assets/ 		113 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/assets/a697f95a8bf7db8231d0b9c1683577cd.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
b4cf4f5fecd3150fb69d10e9d3923e5873d3a9eb0df9adb7ce15534028d3c73d

Request headers

:path
/assets/a697f95a8bf7db8231d0b9c1683577cd.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 18:03:16 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 12:33:37 GMT
server
nginx/1.15.9
age
13122465
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=713d064351972f25
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
NYLK3vOo-wlyOc3CbMnyH_EIiNKZ_3uVZefRmxGzPj-uOSyjhblprQ==
b487debbfa76656e728cc764c40416fd.svg
www.itpro.co.uk/assets/ 		231 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/assets/b487debbfa76656e728cc764c40416fd.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
6abc809ed71a92bec82440fae2494a4fa82eb8418c0ecc337daa4431e578eea5

Request headers

:path
/assets/b487debbfa76656e728cc764c40416fd.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:48:43 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 11:41:50 GMT
server
nginx/1.15.9
age
8803338
x-powered-by
Express
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
server-timing
intid;desc=1da2a72c0bc29b61
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
231
x-amz-cf-id
Y2QzABTF2IXIlhyyOzz4rBwDiJaRaEmPKlMsMIXdcKcepMDuFBoL5A==
029c6d0882c523303bbed5c89a460d7f.svg
www.itpro.co.uk/assets/ 		222 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/assets/029c6d0882c523303bbed5c89a460d7f.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
875fd074da38bbf4a949f924eaab1bfb276fd83efdef258b4e1da4fd61c0394d

Request headers

:path
/assets/029c6d0882c523303bbed5c89a460d7f.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 18:03:16 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jan 2021 12:33:37 GMT
server
nginx/1.15.9
age
13122465
x-powered-by
Express
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
server-timing
intid;desc=1af8e52b211ffbf8
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
222
x-amz-cf-id
98lAePyEpTR2w45dLg5XYwmYthxYsT3i_PftcrMhelUo9yBj_C10EA==
5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js
cdn.permutive.com/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ccbc18c909f85c80b8630259e73aae53ebc930f33c8af450ec7d3a6232bf03b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5642074a-7820-46d3-a3d9-f26f3cc6e800
age
1094
x-guploader-uploadid
ADPycdtwzjjU_9xlGB-Qr6tRBxdyTX3jGcVbu2xBwZyO2aAgESchqpkd6wNMnCpOsVNgIEnxO70zabsfaJ-k8CFV-yZ8fJoZsg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
0af9ebedb80000233d34153000000001
last-modified
Tue, 29 Jun 2021 14:52:36 GMT
server
cloudflare
etag
W/"cf29a843269ba2ded463ef41a6db7194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=61nnPg==, md5=zymoQyabot7UY+9BpttxlA==
x-goog-generation
1624978356588548
cache-control
public, max-age=300
x-goog-stored-content-length
285840
cf-ray
667015c2bbcb233d-ZRH
expires
Tue, 29 Jun 2021 15:16:01 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver,matchMedia,Set,Map,requestIdleCallback
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1823110
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Tue, 08 Jun 2021 10:31:29 GMT
date
Tue, 29 Jun 2021 15:11:01 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
8f33fab9a29726e751a3472fe3251b27.svg
www.itpro.co.uk/assets/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/assets/8f33fab9a29726e751a3472fe3251b27.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
ac54fea63601fcadab5626d45a7a1734ca37be4032dc1e993121f921e2756bab

Request headers

:path
/assets/8f33fab9a29726e751a3472fe3251b27.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 15:24:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 12:33:37 GMT
server
nginx/1.15.9
age
10539987
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=dba8ea05b8c5a534
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
4LI2odmCb3eIphJMVI7RP_Y7awTL9h-qpfbPZETbWQ-KyamZXGrC0g==
bc5c4992005fb5c73debbf8a3fdae61c.svg
www.itpro.co.uk/assets/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.co.uk/assets/bc5c4992005fb5c73debbf8a3fdae61c.svg
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.9 / Express
Resource Hash
c9f1a1229ac3d2b9105718a63f0a2a15e12ef06fcdb74eaa87949dce59f6150d

Request headers

:path
/assets/bc5c4992005fb5c73debbf8a3fdae61c.svg
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:27:12 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 12:33:37 GMT
server
nginx/1.15.9
age
10568629
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=d56b5e60ccdd88e1
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
msQ3wcn4cPFPtLt9h4r5KBPItrtnbDz362h_zdy9bHqVaEtT-_cnGw==
datalayer
www.itpro.co.uk/blaize/ 		205 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/blaize/datalayer
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
49d49113c5b0992f21d014f3f3897f9d92a3c35248706240d2065e405a0cd21d

Request headers

:path
/blaize/datalayer
pragma
no-cache
cookie
AWSALB=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; AWSALBCORS=gTiI1VRSh/sK77aDwQ9aPt8tuxJ7NRn1EJU9Y7K8zg+NgXS5/+1ypPIcImPHPFjqQRW4DDufkghpaW4eXucNzZYfzTIPwPqpXxu1TmZfeeqmE/0NsPpOnDZ86Eee; blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
set-cookie
AWSALB=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; Expires=Tue, 06 Jul 2021 15:11:01 GMT; Path=/ AWSALBCORS=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; Expires=Tue, 06 Jul 2021 15:11:01 GMT; Path=/; SameSite=None; Secure
content-length
205
x-amz-cf-id
uVjIM6KOFVgGeYqS8FN4QQ7V4o_Fd8ohtxDfjn11vcRExdm0u0OOsQ==
x-blaize-request
ffffffff86b1a0b7
a50543aaa5f4c5ed0fea.bundle.js
www.itpro.co.uk/assets/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/a50543aaa5f4c5ed0fea.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/bc2b9c3657991e904258.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
f8f428471bb30a29cc91ee44a876533e69adee504e4eb6370fb3b6b8b305b3fa

Request headers

:path
/assets/a50543aaa5f4c5ed0fea.bundle.js
pragma
no-cache
cookie
blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678; AWSALB=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; AWSALBCORS=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 19:50:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 05:19:44 GMT
server
nginx/1.19.0
age
674409
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=21a622ae6c7f7066
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
C2hudjf3i2vImCU8P07PGC3k9UY0Af_80lWA1kUfenYrP0udnsqsNw==
48d50982a2450bc6eb28.bundle.js
www.itpro.co.uk/assets/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/assets/48d50982a2450bc6eb28.bundle.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/bc2b9c3657991e904258.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 / Express
Resource Hash
9498248883db26dbcf495d282d4d3cadd56e4c6f94c2e0a92766db10a64b4b0b

Request headers

:path
/assets/48d50982a2450bc6eb28.bundle.js
pragma
no-cache
cookie
blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678; AWSALB=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; AWSALBCORS=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 19:50:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 05:19:44 GMT
server
nginx/1.19.0
age
674409
x-powered-by
Express
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
server-timing
intid;desc=a9c5ce6b6b5f4fed
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
iyfWM9_E95bKM0pbSnEof65xxDh_5WQO7WNx6GJjZq6wAA5BzX33Vg==
css
fonts.googleapis.com/ 		11 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/edde1fd1b722e2ae0bfe.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4df0be1619fed792226ccb006a7a797a1b5488425fe5c00c6600106c53ff04d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:25:53 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/f575a2a12bd62e8b337c.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 10:14:08 GMT
content-encoding
gzip
server
Server
age
17812
etag
c457e964d47ff007ca9e04843536c474
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
SOzAdyP7.FQsxAjkeGom0RVGr_hQgEwt
x-amz-cf-id
_qZwDk-s0PRsGqXYK7kYWpJ6fynbRVzS6NAN5Y32avuO3crXH1kyPQ==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/5a7f44e9d4e30d025f9f.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5453
date
Tue, 29 Jun 2021 13:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 29 Jun 2021 15:40:08 GMT
native-message
itpuk-mms.itpro.co.uk/wrapper/tcfv2/v1/gdpr/ 		259 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itpuk-mms.itpro.co.uk/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=d1eae662-504c-450e-be66-01737f0b38c2&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A145%2C%22requestUUID%22%3A%22d1eae662-504c-450e-be66-01737f0b38c2%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fitpuk-mms.itpro.co.uk%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: itpuk-mms.itpro.co.uk
URL: https://itpuk-mms.itpro.co.uk/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-37.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
6c7c4b247f411301c52a6383fd5dc496715877b9eb4a87e14074055ae4324b6e

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
4p0XASSOxhy5vL86_iaGOxF3GAy43wXp9qLXskoEbfzOFhc0eeH_Ww==
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
native-message
itpuk-mms.itpro.co.uk/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://itpuk-mms.itpro.co.uk/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=d1eae662-504c-450e-be66-01737f0b38c2&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A145%2C%22requestUUID%22%3A%22d1eae662-504c-450e-be66-01737f0b38c2%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fitpuk-mms.itpro.co.uk%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
13.226.155.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-37.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.itpro.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
content-length
2
date
Tue, 29 Jun 2021 15:11:01 GMT
x-powered-by
Express
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xjwF9Q4na-vWU8AoKNfgVfxDsz4BBDyqdL6ugBybvg-agHeV2WzG3w==
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:47:47 GMT
x-content-type-options
nosniff
age
598994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:47:47 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 09:59:54 GMT
x-content-type-options
nosniff
age
537067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21080
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:59:54 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:10:04 GMT
x-content-type-options
nosniff
age
543657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20348
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:10:04 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5DXFF4N&cid=2052819291.1624979462
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
506cb3b15c44a695f83da96a59db62dd20121ba9f2c74f987278a6c9a732985f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35890
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:01 GMT
7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:56:40 GMT
x-content-type-options
nosniff
age
602061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21072
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 15:56:40 GMT
7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3q-0s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 05:48:44 GMT
x-content-type-options
nosniff
age
552137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21268
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 05:48:44 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:04:28 GMT
x-content-type-options
nosniff
age
594393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19492
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 18:04:28 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979ddb6f0c77e6744b104f96e9d7ab0f8fc56d7f24ab10d853e4e96fa425e9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 07:43:27 GMT
x-content-type-options
nosniff
age
545254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19724
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 07:43:27 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:42:59 GMT
x-content-type-options
nosniff
age
548882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20500
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:29 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 06:42:59 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800%7CBarlow+Condensed:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.itpro.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:38:50 GMT
x-content-type-options
nosniff
age
599531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20676
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:38:50 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
86220
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Mon, 28 Jun 2021 15:14:03 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
HFdJQ39tQNAMcdpZtGVcZP2iUdOvM8Lnfh_HkmNu8BF0wQfj5tLSYw==
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185497-238993787170978.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Jun 2021 15:11:02 GMT
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185497&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185497-238993787170978.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
ad306b8e5ab9ac1581ce7c2cc82b2d4ddec7b84cce5a79c2a874c5a06a5be4b0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 29 Jul 2021 15:11:02 GMT
identity
api.rlcdn.com/api/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185497-238993787170978.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
gtm.js
www.googletagmanager.com/ 		240 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80a92d061c1c25735d1f8ff5c9f24819c7314543ec602fbe851545c96ebbc879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65290
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:02 GMT
eum.min.js
eum.instana.io/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa

Request headers

Origin
https://www.itpro.co.uk
Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
578397
cf-ray
667015c948164e56-FRA
cf-request-id
0af9ebf1c900004e56deaa3000000001
access-control-allow-origin
*
last-modified
Tue, 15 Jun 2021 15:42:43 GMT
server
cloudflare
etag
-1517129700--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
via
1.1 google
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=41988246&t=timing&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Performance%20Metrics&utv=First-Paint&utl=Paint&utt=348&_u=KGBAAEADQAAAAC~&jid=1344051933&gjid=1436417841&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&_r=1&_slc=1&z=65456937
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
datalayer
www.itpro.co.uk/blaize/ 		205 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.itpro.co.uk/blaize/datalayer
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
49d49113c5b0992f21d014f3f3897f9d92a3c35248706240d2065e405a0cd21d

Request headers

:path
/blaize/datalayer
pragma
no-cache
cookie
blaize_session=8192c85b-b6a6-4376-9fd9-18707ab650e6; blaize_tracking_id=cfaa4f45-94f8-42e3-aedc-9e0e18097678; AWSALB=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; AWSALBCORS=mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST; _ga=GA1.3.2052819291.1624979462; _gid=GA1.3.870553950.1624979462; _sp_v1_uid=1:119:5acfee54-7948-470d-a1b2-cda9fbd83cdd; _sp_v1_data=2:221358:1624979461:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXQGQlksAJ3zQ2mdAAAA; _sp_v1_opt=1:; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=4e422bce-f3e1-477c-91fa-1afff91214a9; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.itpro.co.uk
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
set-cookie
AWSALB=vtU85OkrEaUjrGo57t4zKJcioGgbqNbLUAYEa0vSEgOrD3qYFFZTvcQEbtze8CbYMTOEX+QJXrKzoyfwnYR2SbsfJem8HgtBA2hyxNaKExDD+c5goKKGBPJsGzTk; Expires=Tue, 06 Jul 2021 15:11:02 GMT; Path=/ AWSALBCORS=vtU85OkrEaUjrGo57t4zKJcioGgbqNbLUAYEa0vSEgOrD3qYFFZTvcQEbtze8CbYMTOEX+QJXrKzoyfwnYR2SbsfJem8HgtBA2hyxNaKExDD+c5goKKGBPJsGzTk; Expires=Tue, 06 Jul 2021 15:11:02 GMT; Path=/; SameSite=None; Secure
content-length
205
x-amz-cf-id
99dQcbKY8MXAjXbeQOm9gcl8zXAO6MQEzcUgrgsnp5zn3fmywSrIkg==
x-blaize-request
465600d6
config
c.amazon-adsystem.com/cdn/prod/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3644&u=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.itpro.co.uk
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
6xiwIjj_pKYiVAX49kZkm5KGJnw9qTBRsA4TqD3skzNTnY8PpBTyLw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/f575a2a12bd62e8b337c.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
fc6713e8b0cc6af0809d5742a6651ceb0785af7c0eaa5840eae558bcc571fabc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"915 / 755 of 1000 / last-modified: 1624965047"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24250
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:02 GMT
smart.js
www.ultimedia.com/js/common/ 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/js/common/smart.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/c7a8a8ac2ee340eadc86.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b394ea8edffcaa643791a6d6ae840f701975acead68e3a8a627f0c0122034a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 09:26:19 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"609e423b-a129"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:02 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=timing&_s=2&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Performance%20Metrics&utv=First-Contentful-Paint&utl=Paint&utt=348&_u=KGBAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&z=58355842
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32576
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=pageview&_s=3&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&dp=%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20it-pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd47=304485ba-c13e-47c6-8a70-dba97b08cc96&cd60=2052819291.1624979462&cd58=&cd5=News&cd6=Rene%20Millman&cd72=11&cd68=Security&cd69=zero-day%20exploit&cd70=&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd30=%2F359%2Fitpro.co.uk%2Fsecurity%2Fzero-day-exploit%2Fchrome&cd14=Google%20News%7Czero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=Build%20brand&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd67=Home&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&z=888525577
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32576
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0694 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.itpro.co.uk&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.itpro.co.uk&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1662
set-cookie
uid=4101eada-cd3d-4feb-981a-b2f6509d9789; expires=Wed, 29 Jun 2022 15:11:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 29 Jun 2021 15:11:02 GMT
content-length
1129
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1344051933&gjid=1436417841&_gid=870553950.1624979462&_u=KGBAAEACQAAAAC~&z=1635428553
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Jun 2021 15:11:02 GMT
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1344051933&_u=KGBAAEACQAAAAC~&z=1807882173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1344051933&_u=KGBAAEACQAAAAC~&z=1807882173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1396680.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1396680.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c3d390d87f41e52285ff67b808d41b5e0353d00b00d08ebdd8fbe96d3ddf034c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:10:51 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
34
etag
W/29265c801a71ca23e204d5d26aadaef5
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
rqJCVmmfBF0j8Eu4jJ4UMxgA4QGSvWM6n_q98_vpbC1PMgXuZlFnQg==
via
1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24675
x-xss-protection
0
pragma
public
x-fb-debug
JM9fbV+G+wswcxhk7XxYjr8iW5uw95mu3talGZ/6rDEuSErkfF5CQdVBCL2i0ni070oWPWKLJoDbZFwxfXY+fg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Tue, 29 Jun 2021 15:11:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
api.min.js
a.omappapi.com/app/js/ 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE1-752 /
Resource Hash
c2eb68451becc764a87e263a9f8012dcbec8083b69f925d3bfe318024500dcd8

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
br
cdn-edgestorageid
755
perma-cache
HIT
cdn-storageserver
DE-51
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-06-20 10:47:42
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
last-modified
Fri, 11 Jun 2021 19:33:58 GMT
server
BunnyCDN-DE1-752
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
8535c577ee0052e67c2be0692f4ba9fc
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
id5-api.js
cdn.id5-sync.com/api/0.9/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/0.9/id5-api.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Tue, 29 Jun 2021 14:24:14 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
7102
x-request-id
530416788
d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
scripts.webcontentassessor.com/scripts/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ede55256157f0e4820a4fa72450ad84457b00e7ce4fef3a044b9b1d8c21c47f7

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:02 GMT
content-encoding
gzip
age
2217
x-cache
HIT
content-length
18001
x-amz-id-2
kzd4v07tUeuqgJ++ty5s/jGCn7UMFlJgl19p/fad1Tq1b3JeHeDiHBxIy9WCyp1E3nUC02JNRV4=
x-served-by
cache-fra19131-FRA
last-modified
Tue, 29 Jun 2021 14:33:40 GMT
server
AmazonS3
x-timer
S1624979463.997907,VS0,VE1
etag
"e6a376da7f399ab0015a3693bff5fccf"
vary
Accept-Encoding
x-amz-request-id
5VF4SNEVZSFJRREW
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
tag.aspx
ml314.com/ 		28 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?2952021
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 14:07:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=82594
Connection
keep-alive
Content-Length
12574
Expires
Wed, 30 Jun 2021 14:07:37 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=41988246&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAAC~&jid=832281920&gjid=1724581326&cid=2052819291.1624979462&tid=UA-84606622-2&_gid=870553950.1624979462&_r=1&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd109=421&cd110=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd120=Metered&z=1301243805
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5454
date
Tue, 29 Jun 2021 13:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 29 Jun 2021 15:40:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=41988246&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blaize&ea=Page%20loaded&el=Group%20undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&_u=aHDAAEADQAAAAC~&jid=654460300&gjid=1009014276&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&_r=1&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd120=Metered&z=1292396767
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
83015X1540107.skimlinks.js
s.skimresources.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/83015X1540107.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2851db9259fb25d45ed61488277fad3945eb5b62e85cd4dc81334fc700260f97

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 12:07:49 GMT
server
AmazonS3
x-amz-request-id
JFQR7M5J9YKPX49S
etag
"fece347fa2c6d74c6f50c8eaf03f8213"
x-hw
1624979463.cds138.fr8.hn,1624979463.cds213.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13561
x-amz-id-2
6P5Z4+FwqsYR/Dvlh1oH5fh5wGufIr5wsDEhqZ+ehjso9gzRGBkFD0r2yIuNoyq0Q4jGPARunzw=
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SourcePoint%20CMP&ea=onSPPMObjectReady&el=(not%20set)&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd120=Metered&z=949556493
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32577
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SourcePoint%20CMP&ea=onMessageReceiveData&el=categoryId%3A%20undefined%7CsubCategoryId%3A%20undefined%7CmessageId%3A%200&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd120=Metered&z=1831490935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32577
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SourcePoint%20CMP&ea=onConsentReady&el=(not%20set)&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd120=Metered&z=1822783221
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32577
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=654460300&gjid=1009014276&_gid=870553950.1624979462&_u=aHDAAEADQAAAAC~&z=316583444
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Jun 2021 15:11:03 GMT
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021062408.js
securepubads.g.doubleclick.net/gpt/ 		332 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 17:13:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118414
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:03 GMT
modules.5d7b003bea9773742697.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5d7b003bea9773742697.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1396680.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7f151964a074a9964d27f732d7ae5f1fedd7ee0af1f4a6a66c192dc58e497de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 11:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
100378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59104
access-control-allow-origin
*
last-modified
Mon, 28 Jun 2021 11:17:19 GMT
etag
"7ec91cc4f2cd9fc68adc95dae9f9b891"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
V5PZQ2wwp5UyvP4LcmYy2P__Ui-YUOVT8wGwx6UELdvYSGlgNpSFng==
2
www.ultimedia.com/api/widget/getwidget/mdtk/02437542/zone/ 		136 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/api/widget/getwidget/mdtk/02437542/zone/2?url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&meta_breadcrumb=&meta_tag=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e78f56276c04b58863c43424709892edc08c45c7eb17bdc289d3cdd2a060fb1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
visible_player.js
www.ultimedia.com/js/common/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/js/common/visible_player.js?v=1624924800000
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
025cd92e900ceb1570614c16c3a0828fa3c439bcb47cf8dcf059e9eeea3bed77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 14:02:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"60c8b303-82a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
notification.js
www.ultimedia.com/js/common/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/js/common/notification.js?v=1624924800000
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
780396b361c35383795d3d1fb3e71e8c1e57e717973f3a4599ec4f11ba75f84e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 09:26:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"609e423a-129f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
visibilityStat.js
www.ultimedia.com/js/common/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/js/common/visibilityStat.js?v=1624924800000
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
675ab0a24f0160c73eaa7dde430b9f5ee68a54dc0c0c8d7d2bd0a811f30f6fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 09:26:19 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"609e423b-701"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
2482549652030483
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2482549652030483?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e8b8d958927d7f783e6f85cdecf55659bcc556bc477514237673b9a1f2e3704
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75584
x-xss-protection
0
pragma
public
x-fb-debug
ve4tiZiIw1bFngjfGDsxKxyYVAmVLSYMcHPuiv041rSO1eg9OITi5J4144ek+aLQ2qVu1bQCovzbSan47dVs5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 29 Jun 2021 15:11:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
73647
api.omappapi.com/v2/embed/ 		227 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/73647?d=itpro.co.uk
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pagely Gateway/1.5.1 /
Resource Hash
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
x-cache-config
0 0
x-amz-cf-pop
AMS1-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
content-length
227
x-optinmonster-account
82807
x-user-agent
standard--
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Pagely Gateway/1.5.1
etag
"b91e5dc54e033e761837b7b846da520f"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
h5rhFowIOj39dt-CJDk4Rwk-sOO7n1c2PJXtOCx2_5lmT1aQNlNndg==
tag
btloader.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5663187464617984&upapi=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced5e84ff10ddcaf61b54b142fcf55a634e762b0198b6ecc1e1639e740f71d3c

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
767
content-encoding
br
cf-request-id
0af9ebf3fb0000d6f122b19000000001
server
cloudflare
etag
W/"18460f3d9bf96029b95e21d59108da7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=isCkelfopur%2BaY1wNXolm8WS1osgTaDkyXkgyN%2Fjb9r7%2BiZCaM8zlLZ3FSdbQd7Hu5Z18oq7axJGpnMHXDxhJMPGuNs1fZwQUEbhdzsUiolIqTCPmI0hg2d9e8q7vDSdufvBUFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
667015ccc927d6f1-FRA
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=654460300&_u=aHDAAEADQAAAAC~&z=1937197498
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=654460300&_u=aHDAAEADQAAAAC~&z=1937197498
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 4B49 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1396680.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

content-type
text/html
content-length
1044
date
Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
EM5Hz9b9kGElDYP4xiG8X8Wo-MDep_VmRFS_B0IJhzvO7jRI926TzA==
age
2264158
utsync.ashx
ml314.com/ 		62 B
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=61719&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&pv=1624979463171_v38ekkoyr&bl=en-us&cb=726189&return=&ht=&d=&dc=&si=1624979463171_v38ekkoyr&cid=&s=1600x1200&rp=https%3A%2F%2Ft.co%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?2952021
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:02 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
147
Expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=2952021
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?2952021
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.86.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-86-214.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:03 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Wed, 30 Jun 2021 15:11:03 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2482549652030483&ev=PageView&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1624979463234&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.2.1624979463231.1090067145&it=1624979463105&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 29 Jun 2021 15:11:03 GMT
robots.txt
t.skimresources.com/api/v2/ Frame ED78 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.6793129102233211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.233508438585929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.233508438585929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
smart
www.ultimedia.com/api/widget/ 		87 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/api/widget/smart?j=new&t=1624979463094&exclude=&meta_description=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twitterdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twittertitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogtitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_title=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_h1=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&meta_h2=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide%0D%0A&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&mdtk=02437542&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper_kqi6tec4
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/js/common/smart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c51cd1c3a44663f2aeb238fa042384a71d7debc6f58367b0c850df4993fdae62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset="utf-8"
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F9C55Q50SYYM2H87XT6SYKTW&persistence=1&checksum=308d936e4bc3702e782ab2984c5102e25470b857b4605db84e201c6b4c0e3738
187 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01F9C55Q50SYYM2H87XT6SYKTW&persistence=1&checksum=308d936e4bc3702e782ab2984c5102e25470b857b4605db84e201c6b4c0e3738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty/1.11.2.5 /
Resource Hash
331e835e21ac24ba61cccd016b79d67d1c0c4202e5397acf1e77aba6ff461095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.itpro.co.uk
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.itpro.co.uk
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F9C55Q50SYYM2H87XT6SYKTW&persistence=1&checksum=308d936e4bc3702e782ab2984c5102e25470b857b4605db84e201c6b4c0e3738
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Tue, 29 Jun 2021 15:31:03 GMT
autoexp.js
encraveimg-yowgo.netdna-ssl.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://encraveimg-yowgo.netdna-ssl.com/autoexp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THSM3B8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.32 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7bbecd62c135e8e76a0840ac4702654b9fc05b2b0a28772a0402df881025a07b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
origin
https://mycloud.rackspace.com
last-modified
Fri, 08 Jan 2021 22:13:00 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
application/x-javascript
x-timestamp
1610143979.43980
cache-control
public, max-age=781
x-trans-id
tx790dcf114be449258801b-0060db1ec6dfw1
expires
Tue, 29 Jun 2021 15:22:24 GMT
pub
pixel.adsafeprotected.com/services/ 		57 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931015&slot=%7Bid:refresh-below_header,s:300,250.fluid,p:/359/itpro.co.uk/security/zero-day-exploit/chrome,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e7a6c438-16b9-f42f-7220-58f531d08f4b&url=https%253A%252F%252Fwww.itpro.co.uk%252Fsecurity%252Fzero-day-exploit%252F359823%252Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b49f82370e2400cfeceb1450866b5466704346385d3ac6f8e691a967c9c494db

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
x-server-name
app19.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
pub
pixel.adsafeprotected.com/services/ 		55 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931015&slot=%7Bid:refresh-desktop-side-19,s:300,250.300,600.fluid,p:/359/itpro.co.uk/security/zero-day-exploit/chrome,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e7a6c438-16b9-f42f-7220-58f531d08f4b&url=https%253A%252F%252Fwww.itpro.co.uk%252Fsecurity%252Fzero-day-exploit%252F359823%252Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
14218f418555e825b0e245d8c1b0cb601452a0b3f3054dcb76df99c1b4e96edc

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
pub
pixel.adsafeprotected.com/services/ 		247 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931015&slot=%7Bid:bling-1,s:fluid,p:/359/itpro.co.uk/security/zero-day-exploit/chrome,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e7a6c438-16b9-f42f-7220-58f531d08f4b&url=https%253A%252F%252Fwww.itpro.co.uk%252Fsecurity%252Fzero-day-exploit%252F359823%252Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
92240feafb2d4c5006e16fe2f815ea63ec34d1fab9462300133578e439bddac6

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
x-server-name
app31.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
pub
pixel.adsafeprotected.com/services/ 		55 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931015&slot=%7Bid:refresh-stickyfooter,s:320,100.320,50.300,50.fluid,p:/359/itpro.co.uk/security/zero-day-exploit/chrome,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e7a6c438-16b9-f42f-7220-58f531d08f4b&url=https%253A%252F%252Fwww.itpro.co.uk%252Fsecurity%252Fzero-day-exploit%252F359823%252Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1f2021c16fa55a9677df40e86252856d63bef5b0bce2ddc80f1f63a229efd606

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
x-server-name
app39.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
integrator.js
adservice.google.ch/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=4111166323431888&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x2&prev_scp=position%3Dpage_impression%26placement%3Dpage_impression%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px&cust_params=amznbid%3D0%26amznp%3D0%26article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624979463&dt=1624979463388&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=1640364121&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
07b2d281cd8f89c7dc554e8df615cd87d6561f4a18de6f7bc93af4eb2c8162bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14235
x-xss-protection
0
google-lineitem-id
4369354075
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299690739
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B6F2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 29 Jun 2021 15:11:03 GMT
expires
Wed, 29 Jun 2022 15:11:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		469 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=4040788539565832&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=position%3Doop_1%26placement%3Doop_1%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px&cust_params=amznbid%3D0%26amznp%3D0%26article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624979463&dt=1624979463395&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=114&adks=1206839319&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4251&msz=0x0&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c4013831b53a18f41335d491b32e52eded4eb042ddbeb3e1c552b0500fd903e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		469 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=3116798033879331&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=position%3Doop_2%26placement%3Doop_2%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px&cust_params=amznbid%3D0%26amznp%3D0%26article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624979463&dt=1624979463401&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=114&adks=2404967229&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4251&msz=0x0&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
db55906eff8f6f4923e533ba24c644a050657ab3b0cfdd5a1eaae93d33e33907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		469 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=797141890675126&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=position%3Doop_3%26placement%3Doop_3%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px&cust_params=amznbid%3D0%26amznp%3D0%26article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624979463&dt=1624979463404&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=114&adks=2309831523&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4251&msz=0x0&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e8999e93b5838765fe922ad9d7329fdf7e5f925356c706b28b83c8afa918dd62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		469 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=75319013120720&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=position%3Doop_4%26placement%3Doop_4%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px&cust_params=amznbid%3D0%26amznp%3D0%26article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624979463&dt=1624979463406&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=114&adks=873100757&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4251&msz=0x0&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
97652b1ed639c0cadcf7aa155ff1230487834c718d683e917dd8dceea4dfc7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=0022bb16037a70bdbb940c4722c7b25f8b
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
X-TraceId
e43c4f9d7a99b2a269efa3ba22236878
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=0022bb16037a70bdbb940c4722c7b25f8b&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&optOut=false&bust=07157848868878107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:03 GMT
Cache-Control
no-cache
X-TraceId
3c7142455e2a308012e51b13550c9c3b
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
responsivev3.js
www.ultimedia.com/widgets/js/ 		108 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/widgets/js/responsivev3.js?v=2.0.2.7537
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1624979463094&exclude=&meta_description=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twitterdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twittertitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogtitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_title=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_h1=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&meta_h2=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide%0D%0A&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&mdtk=02437542&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper_kqi6tec4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 09:26:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"609e423a-1ae39"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 50EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu98r1sK7l49cW_FyPCvvhSOCDP1i_5-sVrmDUWIZgGnMSxVk23rO3zMGgdBZAAYGX8I6ef9R5E6HQ3_U-9iqjNoNXT5PPnSEcsZZzjxVxPjBNBgenPe_nqlPP1PusHlsYXgpa9L5Y8kdXt7AvcTDlP2GnqDfk8IB8mFX-bUNaqA-ftpn7YP4LBO3s6svobJfNPF5pMuNvNQVtwArH912ae8gkueX8Dsux59p7JKp9eBCewy6r2Az_eDQf_v-Nh-GgBlXlbwSIQTRLKkeefm-AtSUXffTT2XvZcXmrWBuFbPo-mGjZw3Xv8162bR0QYp6c0wFGxHJN1eAqdavQ&sai=AMfl-YS8eVhURtj8Bx3hLGoN65TpuuS9sEPrcGN_Vh2jc0kx2lyz9W-H0gr3EqErqRluCjAbkHw0Y8xJHC9hSGpfGCv4Dw3mNHCirRgCKLj4bd3dF8PT8vP67mxHt5Vt-AoD&sig=Cg0ArKJSzEhpt-FOAXbYEAE&adurl=
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Jun 2021 15:11:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 50EF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 15:03:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 50EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 15:10:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50EF 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879993577808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38803
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:03 GMT
6397639451558257388
tpc.googlesyndication.com/simgad/ Frame 50EF 		49 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6397639451558257388
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 23:34:17 GMT
x-content-type-options
nosniff
age
574606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
last-modified
Tue, 07 Jan 2020 13:34:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 23:34:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879999447392"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062408&st=env
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
264124f836810fa028545303c7787757d5c369b34a4fc8acd935fed003ad97c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8013
x-xss-protection
0
/
eum-eu-west-1.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 29 Jun 2021 15:11:03 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/ 		22 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:03 GMT
responsivev3.js
www.ultimedia.com/widgets/js/ 		108 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/widgets/js/responsivev3.js?v=2.0.2.7537
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1624979463094&exclude=&meta_description=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twitterdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twittertitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogtitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_title=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_h1=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&meta_h2=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide%0D%0A&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&mdtk=02437542&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper_kqi6tec4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 09:26:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"609e423a-1ae39"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
iframe
www.ultimedia.com/deliver/generic/ Frame D9F6 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1624979463094&exclude=&meta_description=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twitterdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twittertitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogtitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_title=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_h1=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&meta_h2=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide%0D%0A&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&mdtk=02437542&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper_kqi6tec4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
980d6d4b12edc7c0f3a0ebbbadfad32071e274ad68451fbe4c17b45728e89aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
www.ultimedia.com
:scheme
https
:path
/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Tue, 29 Jun 2021 15:11:03 GMT
content-type
text/html; charset=UTF-8
cache-control
private, must-revalidate
access-control-allow-origin
*
access-control-allow-credentials
true
pragma
no-cache
expires
-1
vary
Accept-Encoding
content-encoding
gzip
set-cookie
STICKY=7600c2999f3fb1bcd7d3bad4e9e1dcee; path=/; HttpOnly
strict-transport-security
max-age=31536000; includeSubDomains
sprit_10.png
www.ultimedia.com/img/widget/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ultimedia.com/img/widget/sprit_10.png
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
232e2107e9ebb4adaae34e5aa7f8eba38b819ed4a735bac8f26d41106635c97c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 09:26:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609e423a-b9d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
content-length
2973
expires
Fri, 30 Jul 2021 15:11:03 GMT
sprit_6.png
www.ultimedia.com/img/widget/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ultimedia.com/img/widget/sprit_6.png
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
43fc744dc9f9bdd26ba499a6e1840b548740e7ce2b63e7c986d997d2bcae496e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 09:26:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609e423a-d0e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
content-length
3342
expires
Fri, 30 Jul 2021 15:11:03 GMT
/
www.ultimedia.com/deliver/statistiques/widgetdisplay/ 		0
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/deliver/statistiques/widgetdisplay/?mdtk=02437542&zone=2&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&autoplay=2&widget_type=smartlasthome&result=1&params=%7B%22index%22%3A%22technology%22%2C%22search%22%3A%22Windows+devices+targeted+by+PuzzleMaker+malware+exploiting+Chrome+zero-day+flaw+%7C+IT+PRO+Chain+of+vulnerabilities+used+to+attack+multiple+companies+worldwide+Windows+devices+targeted+by+PuzzleMaker+malware+exploiting+Chrome+zero-day+flaw+%7C+IT+PRO+Chain+of+vulnerabilities+used+to+attack+multiple+companies+worldwide+Windows+devices+targeted+by+PuzzleMaker+malware+exploiting+Chrome+zero-day+flaw+Chain+of+vulnerabilities+used+to+attack+multiple+companies+worldwide%5Cr%5Cn%22%2C%22limit%22%3Afalse%2C%22nb_videos%22%3A6%2C%22videos_results%22%3A%22%22%2C%22first_video_id%22%3A2005257%2C%22first_video_id_content%22%3A25%2C%22click_to_play%22%3A0%7D
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1624979463094&exclude=&meta_description=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twitterdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_twittertitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogtitle=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_ogdescription=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide&meta_title=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&meta_h1=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&meta_h2=Chain%20of%20vulnerabilities%20used%20to%20attack%20multiple%20companies%20worldwide%0D%0A&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&mdtk=02437542&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper_kqi6tec4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
5f0uqp-X.jpg
medialb.ultimedia.com/multi/3538x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/3538x/5f0uqp-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3cec4f4fe9e09a4fd81be5bf159e350aaa6e47fae3cf11e179a20487937e7ae2

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 17:17:32 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609eb0ac-12fc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
4860
expires
7d
58zv8v-X.jpg
medialb.ultimedia.com/multi/35qpz/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/35qpz/58zv8v-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6962a20f51eebd0c6a6520f42ab5601038b24fbb3804c55835402331cf69632b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 16:16:56 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609ea278-15ae"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
5550
expires
7d
skpxzz-X.jpg
medialb.ultimedia.com/multi/3sprm/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/3sprm/skpxzz-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
03aea583e92369ab2feedd4c73f74a15eb9801a8cbf49f7fc4f9949e5ce2e952

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 15:04:21 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609e9175-2bec"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
11244
expires
7d
q0pzvx5-X.jpg
medialb.ultimedia.com/multi/38085/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/38085/q0pzvx5-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
72db3e1224c16f415c4f53a79a0b88fbaaf0f43a31050ba16fdb783b2e668505

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 13:54:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609e812d-18e8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
6376
expires
7d
q0zp5sk-X.jpg
medialb.ultimedia.com/multi/380sl/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/380sl/q0zp5sk-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1d0d8708dca3717e02dc3ab9545372a1ad2758744920e5f66bb7cde3eb3cf47e

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Sat, 15 May 2021 00:01:39 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609f0f63-1e11"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
7697
expires
7d
q0z0p83-X.jpg
medialb.ultimedia.com/multi/3800z/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.ultimedia.com/multi/3800z/q0z0p83-X.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
befb693bf20e47e76b00cb642badbe786db0a5618b89e15f77f3c56761a97324

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:03 GMT
last-modified
Fri, 14 May 2021 15:49:14 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609e9bfa-1f99"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
8089
expires
7d
truncated
/ Frame 50EF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b68435091efe0f013cf240497b64e060340e2492f13e38c5c22368eaaf8be0c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 50EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8DIedmB1k8VQ0KT--F_fcEZWYe47r-m3OwfmQzIvZWG7jB9v16YKQN7ZyXeEzGdVVljb7y2kHz-ngE2y43xLsDb5ATxKpQpDtbBeloueU1XFLwaledemCZp8Y55fXxgmcjDkzyaL4iuzKy0A3D3SpGsGRAHc8y1l-B4KGxFoy7lFCyGNbSzRmG0CC7kKN7or98I-iZuHaVAKetQWmb9c36T0kz79Uy89JXBfbieMJ3gHpUU1JlFMnkKKpV_AOgm2UJolqBBbTWzrXJIlGUJ3Fyn779LpCmKDQpIbUl_IQ0aV8_W9OQFTKKAaBtb9pUjs_WdIgTZTFC96xWJtGPA&sai=AMfl-YTBLbABE8XVxL7eeN5Mb_QB35is8sk_nbv2xA2UxheE2PbloPBUJDIho7kPXCh1GCZar6jQRlVarcfPU9VrCIGyrtGNKTZWtaIobn3nlg_MNE6uwIOAiHeD57EwjImg&sig=Cg0ArKJSzExn2ZJCkBF0EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Jun 2021 15:11:03 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		159 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3644&u=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&pr=https%3A%2F%2Ft.co%2F&pid=oV73EBW3hVukp&cb=0&ws=1600x1200&v=7.66.00&t=4000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F359%2Fitpro.co.uk%2Fsecurity%2Fzero-day-exploit%2Fchrome%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ff995e78908c70afe52ddaeea7699bf5683596efbd4839b336c8a58eda6b0cb0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
AMS1-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
152
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
x-amz-cf-id
cuaOCwUnuxQF5GLtRHEfGzhicxubpkWF5CL9FAhRZjC4UgBA-WPC-Q==
bid
c.amazon-adsystem.com/e/dtb/ 		159 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3644&u=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&pr=https%3A%2F%2Ft.co%2F&pid=oV73EBW3hVukp&cb=1&ws=1600x1200&v=7.66.00&t=4000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F359%2Fitpro.co.uk%2Fsecurity%2Fzero-day-exploit%2Fchrome%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3bd41d9219e52697d65ddb0ad2f954103e2830e9ac292b616396552b714372a7

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
AMS1-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
152
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
x-amz-cf-id
LJGxMhqrWxXf8UrKv9ykVYYGc_tdg8YMvl3yNUhkDtUl7IgkensLHA==
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=1752652724992393&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&prev_scp=position%3Dnative_article%26placement%3Dnative_article%26refresh%3Dno%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26id%3D387a90ba-d8ec-11eb-a242-06cc0da90f4d%26vw%3D40%2C50&cust_params=article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3D021e4954e7863874-2211515c6fc800f1%3AT%3D1624979463%3AS%3DALNI_MaR9AG6e44xkEG9ZVVWItn3At0KSg&bc=31&abxe=1&lmt=1624979463&dt=1624979463805&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=1125&adys=4062&adks=2021606610&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x0&msz=1x-1&psts=AGkb-H-RYuhul_9d9f4GifaBPGtKtIKgx8byOjthmEMOMUpoTis4ORYoyQs4kxRZm_njyNtmFoZGH3S1ke4S6XvAiF3An83O%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
073757f4f5ae4b640172dfea4b000cfb945b80378b4c0bef96bedb7078c2660e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8517
x-xss-protection
0
google-lineitem-id
5378189910
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138312286116
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKPZHNRsiYrDCpBY6

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 29 Jun 2021 15:11:03 GMT
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5B8B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 29 Jun 2021 14:55:52 GMT
expires
Wed, 29 Jun 2022 14:55:52 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D5B2 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c72ab07ce7088cdee7e74e5ba58e43615dd0f6b95b9929a72de7278fe06f39bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j5cFYChd39wbAcYJ1ahn6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

expires
Tue, 29 Jun 2021 15:11:03 GMT
date
Tue, 29 Jun 2021 15:11:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-j5cFYChd39wbAcYJ1ahn6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 07D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 29 Jun 2021 15:11:03 GMT
expires
Wed, 29 Jun 2022 15:11:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/ Frame D9F6 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video-js.min.css
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ultimedia.com
Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
734996
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9046
cf-request-id
0af9ebf6fc000005b3a0006000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04020-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HezW%2F5YSkHK0WgyGrqwd2B3s%2BrC%2BbY3atm8wmh8oEoHVSxDyOiwVhUUKm3xsIXoqN%2B3T6dmjPsLyCKUz3Ou0hdYPQgmWiZKfAos2sksA%2FMu8DILGPeCU5x6mUQZo%2FdkVj0wllJlnC2isBRCmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
667015d19f5205b3-FRA
expires
Sun, 19 Jun 2022 15:11:03 GMT
videojs-errors.css
cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/ Frame D9F6 		2 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/videojs-errors.css
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f77a5637f21ed2fd3ec40fdabed99089c7e9483b26601ada71eb546cf959930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ultimedia.com
Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1677757
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
730
etag
W/"8d9-oOpTv9XkgTzGVYCB2N0KDJ9fp1c"
x-served-by
cache-fra19174-FRA, cache-hhn4058-HHN
date
Tue, 29 Jun 2021 15:11:03 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
quality-selector.css
unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/ Frame D9F6
Redirect Chain
  • https://unpkg.com/@silvermine/videojs-quality-selector/dist/css/quality-selector.css
  • https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css
431 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa2c811c57c6b7d0d1dc088a9642b932d0a4039e582bb8f75ad3d250a180317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
4019647
fly-request-id
01F5MBQQJEGV15GG89ZZD5GHAC
content-encoding
br
vary
Accept-Encoding
cf-request-id
0af9ebf730000096f26232c000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1af-rhfrbitbUubLnWKxbEiUUD00k/8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
667015d1ef7596f2-FRA

Redirect headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
219
vary
Accept, Accept-Encoding
cf-request-id
0af9ebf700000096f2690e8000000001
fly-request-id
01F9C4YREB8471CC7SA5RD38A4
server
cloudflare
location
/@silvermine/videojs-quality-selector@1.2.5/dist/css/quality-selector.css
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=600, max-age=60
cf-ray
667015d19f3496f2-FRA
advertisement.js
ads.videoadex.com/jw/ Frame D9F6 		20 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.videoadex.com/jw/advertisement.js?v=20210629171103
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.210.215.108 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
76b7bfe1c73966516f95f039734ac728c843a664e8fb860820b75c08bdf7be07

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
last-modified
Fri, 07 May 2021 12:17:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60952fcd-14"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
content-length
20
expires
Fri, 30 Jul 2021 15:11:04 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/ Frame D9F6 		458 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video.min.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bf6452264f553da2a967eb617aeb61a5fd7e18fbe6b61db1716a8de702d832
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ultimedia.com
Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1102214
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
104849
cf-request-id
0af9ebf6fe000005b3e7933000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04020-72609"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CVHOY5uuFiQC9Ctktemk8NYGnBYIv7V2VxdS2j1MVxXtRz3WS1egZROZ9M%2BbC4za9jgvVOMx5iT2cHvck3%2BiDSEX5VdAd%2F0MfL16j3hVnrOc1WCBcXTDBvgwMDMP7Pb1U3%2BIhYEj1Or7mmYOLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
667015d19f5905b3-FRA
expires
Sun, 19 Jun 2022 15:11:03 GMT
videojs-errors.min.js
cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/ Frame D9F6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-errors@4.2.0/dist/videojs-errors.min.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa0911dcc4faf8c1af34373c4ef2646f429c5d322344e0e94034c1b8a5fb72bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ultimedia.com
Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
576047
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2154
etag
W/"1385-b89cn7GaYu0rIUWSPimsEUMn468"
x-served-by
cache-fra19127-FRA, cache-hhn4058-HHN
date
Tue, 29 Jun 2021 15:11:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
silvermine-videojs-quality-selector.min.js
unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/ Frame D9F6
Redirect Chain
  • https://unpkg.com/@silvermine/videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
  • https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js
24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f548bc7676dd25abb9901005467dc9e3c7df5de142e003293bdb2409378a310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
4019434
fly-request-id
01F5MBY8G4JQQSHYYEEGYBP803
content-encoding
br
vary
Accept-Encoding
cf-request-id
0af9ebf736000096f269a06000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"5fdf-Z6Mzp8fgD5ABilacq9b9JRiiRL4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
667015d1ef7a96f2-FRA

Redirect headers

date
Tue, 29 Jun 2021 15:11:03 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
238
vary
Accept, Accept-Encoding
cf-request-id
0af9ebf700000096f25f923000000001
fly-request-id
01F9C4Y8ESWG8FBKBNBTYEVVMN
server
cloudflare
location
/@silvermine/videojs-quality-selector@1.2.5/dist/js/silvermine-videojs-quality-selector.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=600, max-age=60
cf-ray
667015d19f3696f2-FRA
dtkplayer-vjs.js
www.ultimedia.com/js/player-digiteka/ Frame D9F6 		1 MB
399 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/js/player-digiteka/dtkplayer-vjs.js?v=5.11.08
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b59dfbf223f6bcc21bb962c036c40f92f76d56345014b13d37d2b060cba89a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 08:50:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"60dadee3-15399c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
strict-transport-security
max-age=31536000; includeSubDomains
expires
Fri, 30 Jul 2021 15:11:03 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
91f969259626d65a715eb61bc110f8a9bf6b1126e4b0ec037656d857de277d3e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b1d61e62-3cad-4166-acaa-08198f71743e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		769 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=208295&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2287775932%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2254%22%2C%22siteID%22%3A%22475976%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2255%22%2C%22siteID%22%3A%22475977%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2256%22%2C%22siteID%22%3A%22475978%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c98e1ae0-597c-4d14-8f74-2b18e892634c%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-29T15%3A11%3A02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13a9bebc361b365753abc0f6bee40287066f61aec1950fb0ec3de6c58a41cc56

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.76], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.itpro.co.uk
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
text/javascript
content-length
551
x-ak-client-geo
12
expires
Tue, 29 Jun 2021 15:11:04 GMT
jpt
secure.adnxs.com/ 		0
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19726475&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=6oob5kO4&psa=0&promo_sizes=970x250%2C970x90&referrer=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a8ab16bb-c961-4251-921c-715922f06425
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
cf-ray
667015d219b901f4-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
0af9ebf74b000001f4d611d000000001
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969149017575756568765396600062&pos=8a969cfa0175757560eb7662391900a6&secure=1&us_privacy=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
8d532834515d84f54716af755d65e2d741b8159c522d29a44b97010f77ec50dd

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969149017575756568765396600062&pos=8a9694ed0175757569cd76623b0a00cb&secure=1&us_privacy=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
0ee5865cac73b59a7b8a11ba8db002ea65ef50ed4176fbd7ec9ba8af95cccb83

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969149017575756568765396600062&pos=8a9694ed0175757569cd76623b0a00cb&secure=1&us_privacy=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
1923aabd6e22a13378485bd1a3fc8469ff5d5d3bbed0b12734bfb47109c77a38

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cdb
bidder.criteo.com/ 		201 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=41808882226
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b224fa0824a23d0d77b0844afc722cbc602c1ee741502ee9b97ddb3d50710c47

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
189
cdb
bidder.criteo.com/ 		192 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=14328110582
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81eb776ff62551670da258a4b118685651cd73a9c7086ecd884d6cdf81deafe8

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
187
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
cf-ray
667015d219bb01f4-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
0af9ebf74c000001f48680c000000001
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
841dda009a30e11d743b99445e7cd25c7b1ff0bff50940444cbe4e25a4911ca8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c88a27fd-36a1-486e-ab1a-9d719ab503b1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19726477&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=7jgxlgnL&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f45b2731f6ea59cd3cd33b4f31bb92fe6acba3f02a46dc21f757d24bba232aa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a1df43fa-1642-4302-a7fb-163a37da6776
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		134 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_Rhrp41nU%22%2C%22site%22%3A%7B%22domain%22%3A%22www.itpro.co.uk%22%2C%22page%22%3A%22%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22GxV2Nite%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22664082%22%7D%2C%7B%22id%22%3A%220pu8ZJN6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%22tagid%22%3A%22664083%22%7D%5D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc733261ab88a079bdc64de0537fc3e564b10ee44fb0e0c0f3b8dc0547c65768

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
141
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itpro.co.uk
date
Tue, 29 Jun 2021 15:11:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
dennis-d.openx.net/w/1.0/
Redirect Chain
  • https://dennis-d.openx.net/w/1.0/arj?auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-e...
  • https://dennis-d.openx.net/w/1.0/arj?cc=1&auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malw...
232 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dennis-d.openx.net/w/1.0/arj?cc=1&auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&jr=https%3A%2F%2Ft.co%2F&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._lUtZGE1x&cache=1624979463992&ttduuid=c98e1ae0-597c-4d14-8f74-2b18e892634c&gdpr_consent=&gdpr=0&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
39f98926fafe28f793b73ad25d3d6f7f6d314a2fe032095f963270112b189106

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 google
server
OXGW/16.209.0
location
https://dennis-d.openx.net/w/1.0/arj?cc=1&auid=540927987&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&jr=https%3A%2F%2Ft.co%2F&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._lUtZGE1x&cache=1624979463992&ttduuid=c98e1ae0-597c-4d14-8f74-2b18e892634c&gdpr_consent=&gdpr=0&us_privacy=
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.co.uk
access-control-allow-credentials
true
alt-svc
clear
content-length
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969149017575756568765396600062&pos=8a9691490175757565687662445600ba&secure=1&us_privacy=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
fd232317ddce228496b1e1b3da1b1a58c13616fc2bb163c974a92ebea3c0df96

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969149017575756568765396600062&pos=8a9691490175757565687662445600ba&secure=1&us_privacy=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
3b63f22ebb2b4de1e357f3151a0a10e33b50beb74e199eab9c5c47674c9776d9

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4828
cygnus
htlb.casalemedia.com/ 		66 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=208295&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2226292370%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2231%22%2C%22siteID%22%3A%22301583%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%2232%22%2C%22siteID%22%3A%22301584%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c98e1ae0-597c-4d14-8f74-2b18e892634c%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-29T15%3A11%3A02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab010318f760066cf5096d8b754aa3f100f6e5fee09e78b4c2964c8d4ca6b747

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.76], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.itpro.co.uk
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
text/javascript
content-length
86
x-ak-client-geo
12
expires
Tue, 29 Jun 2021 15:11:04 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 649E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
281 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
00d94001460cc1cf276c692c936dbf34163f7d00f40ad5bd704701aaf9bdbc82

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.itpro.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
220
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 15:11:04 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 15:11:04 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Set-Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 15:11:04 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
/
eum-eu-west-1.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 29 Jun 2021 15:11:04 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
css
fonts.googleapis.com/ Frame 07D0 		5 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6926a6ea145e3c647c89faae290c2e304fff0efb4db7f8e0e899177235276331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 15:03:51 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css
fonts.googleapis.com/ Frame 07D0 		2 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:400,600&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
069d1159097f2fdb9b341cbecb74891e636afa00b447539670fb64698b9456c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 15:00:54 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		2 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
685d6337f48ce3445d2329b7d6ab93d4b86fff7e7e5d778ad29e3a685ccfe99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:01:45 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		2 KB
557 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 13:21:57 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		5 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&family=Open+Sans+Condensed:wght@700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3163583e0b98601bf0a68f32692b70e5c93db4b2d0485d2e37ca332d599d2a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 15:00:38 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		2 KB
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0de779f89daff8685ab83e7000a94418506223caa4f47aacf222d1273981876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:24:48 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		1 KB
464 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:08:57 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		1 KB
406 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 13:56:15 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		3 KB
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@400;700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d8bdf5cbbfb8d67cd734420e8c8806e0ba866f2439f0259ae367009474c58b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:20:12 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		3 KB
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33faae9cc249594d60fc7be61d039d9f36327a4f2e906e1bba37c74536c3ff0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:30:56 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ead3f5334b11f153bc63e3339db233df14200bb70895e0cf0a7a008496b3abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:13:26 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		9 KB
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ceb61efa46e49c182d185e534a7ec54db2166a15a9e90207136e0072ba62338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:56:24 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
css2
fonts.googleapis.com/ Frame 07D0 		5 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe9e882e98abf6d620df7ca9b1a6c6ffba0a1750b18bd9373d30e1c64400c266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:00:48 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 07D0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 14:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 14:41:54 GMT
css
fonts.googleapis.com/ Frame 07D0 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400italic,700,700italic|Fira+Sans:400,400italic,500,700,700italic|Lato:400&lang=en
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
376f649d41f615bb6f7c876f5760cc355461a496f75c273a48f5a968c672fd75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 14:20:28 GMT
server
ESF
date
Tue, 29 Jun 2021 15:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 15:11:04 GMT
6946301502638890836
tpc.googlesyndication.com/simgad/ Frame 07D0 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6946301502638890836?
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e4b8807f96cf168d1453dfb81931172be76bb8285296600e25b109cb30e07e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 04:11:56 GMT
x-content-type-options
nosniff
age
557948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104833
x-xss-protection
0
last-modified
Fri, 22 May 2020 13:03:34 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 04:11:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07D0 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879993577808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38803
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:04 GMT
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame 5B8B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 12:40:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
9062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 12:40:02 GMT
pixels
3pd.criteo.com/user-sync/ 		456 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3pd.criteo.com/user-sync/pixels?countrycode=CH
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.173 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1568f3d521be98d6ac08cf4a87ca47a5c48c1a365f44f039334ce98eb2c145ef

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.itpro.co.uk
date
Tue, 29 Jun 2021 15:11:03 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixels
3pd.criteo.com/user-sync/ 		0
0
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.itpro.co.uk
date
Tue, 29 Jun 2021 15:11:03 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 07D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF8IiPX79M9dUfkn_-O08mEhwTxJi5fNd7AAylTUfivOrFcjecK3QxZM8AMO8aZWie4f_DSGRU0060Jd0T8gwiOwJdRnuWcVE4InwrfPbpa-L2F7TOPsFOP9GaBmrKibMAflP18h3LFNHabN2gLF2R7CUB1DI4BQFx0cAFBQFqaMGl8_plt1OevvjZvLQdWVllcmAUqFusJZbGuLXGcOYr8T2jlSTmdMPP0RMWSwqdGugEY7tyQA9wC74g4mbT7tsMsZD_o-O8-hPjFWr2b8cTHyK7y6pGRM0bid832taGnm_lgTJXYF9lZ3UKkOGLEJj_2JMzDLLi_JJzLA_Hlow&sig=Cg0ArKJSzHk4HxGxiA7oEAE&urlfix=1&adurl=
Requested by
Host: 86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
URL: https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ Frame 07D0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 09:59:54 GMT
x-content-type-options
nosniff
age
537070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21080
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:59:54 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ Frame 07D0 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:10:04 GMT
x-content-type-options
nosniff
age
543660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20348
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:10:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 07D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9NiitOwF5evk-7HMXEfnpQ5Nn9M8-0ngigt-7IDhMuSwMdhSl0blltO5vTyom8R_Xga6AXyPgRvNLoyK1nKCE4GPohBQsdzqPONBLDoSNkthnwE9dVGHzR1haKG3oEAjBt7XY9PmIfFqblANIfsAqJVXoPsuvKg32Z4qi4yMFc3fBQV3xWEpTxxHsXAWGPhXgHgCzf4kkGufv89yj7_MH1koGdw3gHWgFZHOCzBS23-V5K0SY2gSCgLDNSXwPSMtEhsIOa5Iz1ntB0LY8aS9gfCA-6ixgidI7-m62ZCL2_CvDgXecr3DXXcSiYwLSPDu1bVW3GfaOzpMVZ9mi4GG9Aw&sig=Cg0ArKJSzFKpLKd5EzxQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Jun 2021 15:11:04 GMT
truncated
/ Frame 07D0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad07ed5408a147e7557c9ff3855b1b772a566854acfc9c408c4e1f22a3e8de5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
match
3pd.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2f3pd.criteo.com%2fuser-sync%2fmatch%3fp%3diNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q%26u%3d%24%7bUSER_ID%7d&gd...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2F3pd.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DiNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q%26u%3D%24%7BUSER_ID%7D&gd...
  • https://3pd.criteo.com/user-sync/match?p=iNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q&u=AAB3qU7BtnAAADaFrkQOoA&gdpr=false
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3pd.criteo.com/user-sync/match?p=iNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q&u=AAB3qU7BtnAAADaFrkQOoA&gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.173 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://3pd.criteo.com/user-sync/match?p=iNxqJF9TMWg1R3JheXhRYW9WMmgwQjVhUEVRMnpQSEg4emhCQ3hhTlFmeEclMkZobTglM0Q&u=AAB3qU7BtnAAADaFrkQOoA&gdpr=false
Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
match
3pd.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2f3pd.criteo.com%2fuser-sync%2fmatch%3fp%3dFLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE%26u%3d%3cTUID%3e&gdp...
  • https://3pd.criteo.com/user-sync/match?p=FLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE&u=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3pd.criteo.com/user-sync/match?p=FLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE&u=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.173 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:03 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://3pd.criteo.com/user-sync/match?p=FLFD0F9MeEdld1dvU0lPSXgyNWNwaWxnWGl6djlKa3Q1M3BnMjR4TGJBMm5yY1NNJTNE&u=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88
tbl-x-upstream
10.41.12.133:10213
date
Tue, 29 Jun 2021 15:11:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18318
pd
eu-u.openx.net/w/1.0/ Frame 5B00 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185497-238993787170978.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
d35ccf1378413b0fb226a5f9048be60b2eebe99bf5d3f6a9425de794408c1a89

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.itpro.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=08bf68ae-b46a-0276-1649-4b57e47b877a|1624979464
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.itpro.co.uk/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=08bf68ae-b46a-0276-1649-4b57e47b877a|1624979464; Version=1; Expires=Wed, 29-Jun-2022 15:11:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624979464|gekin0vNiygu; Version=1; Expires=Wed, 14-Jul-2021 15:11:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=1752652724992393&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&prev_scp=position%3Dbelow_header%26placement%3Dbelow_header%26refresh%3Dyes%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26amznbid%3D2%26amznp%3D2%26IOM%3D970x250_1%26ix_id%3D_t38bD3JP&cust_params=article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3D021e4954e7863874%3AT%3D1624979463%3AS%3DALNI_MaVdyfP2pPcI49WSV3l_KlN9FYWFg&bc=31&abxe=1&lmt=1624979464&dt=1624979464446&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=115&adks=3231241921&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x0&msz=1x-1&psts=AGkb-H-RYuhul_9d9f4GifaBPGtKtIKgx8byOjthmEMOMUpoTis4ORYoyQs4kxRZm_njyNtmFoZGH3S1ke4S6XvAiF3An83O%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-bpaSifbguZAsRpIjxkc5ceunzS9O7l3IysWEYik1nqneVFnZNPZFCWt90U8sppcLLz7b289mEZrVuH9wGjWv1xbej&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8769a3dafdc1bb1fe406cfd0f1df3082dbb334938edbb7318a1097bb0b1f2c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11033
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
5265e9ea-7a7a-4cf7-85ad-06a205ab374b
https://www.ultimedia.com/ Frame D9F6 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ultimedia.com/5265e9ea-7a7a-4cf7-85ad-06a205ab374b
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
nr-spa-1198.min.js
js-agent.newrelic.com/ Frame D9F6 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"498f8d87fcfe5e90fda6a3ae4c47c6b0"
x-amz-request-id
9M07NDE5Q3E4Y6V8
x-cache
HIT
content-length
14594
x-amz-id-2
OkGCPzFZar5mxwOs6JhOkVp79QeAfUMHFXWYNbf/l/bXVOqCLCiYV/W4QiZHYTcZYeDWpGnlyOM=
x-served-by
cache-fra19163-FRA
last-modified
Fri, 29 Jan 2021 19:19:10 GMT
server
AmazonS3
x-timer
S1624979464.499757,VS0,VE0
date
Tue, 29 Jun 2021 15:11:04 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
210
headerstats
as-sec.casalemedia.com/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=208295&u=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&v=3
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.76], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.itpro.co.uk
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Tue, 29 Jun 2021 15:11:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D9F6 		339 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118864
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:04 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D9F6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210629
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c468503fba1e63b16921e69d6619d77bb0b5a78c91009a060e0da5ddb1ae83c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
419
x-jsd-version
1.0.1023
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
938
etag
W/"69a-+FNrluiOKYvApnITJmBPFODFZAg"
x-served-by
cache-fra19126-FRA, cache-hhn4058-HHN
x-jsd-version-type
version
date
Tue, 29 Jun 2021 15:11:04 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
q
p.adlooxtracking.com/ Frame D9F6 		8 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=v4.39.0&c=463&p=153&t=933&pn=%2Fdeliver%2Fgeneric%2Fiframe
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
55e3c0b7d3098a16dacb8a17a9470b8a288ac3641dffd16c0a18650dd1740f0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-adloox-pubint-version
20210622064410
date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 google
x-content-type-options
nosniff
x-real-ip
91.132.136.76
x-adloox-pubint-commit
4e3b3a7
x-adloox-pubint-commit-db
487770c6
server-timing
conn;dur=0.008, ua;dur=0.016, segment_pipeline;dur=0.149, segment_ip;dur=0.004, segment_iab-valid;dur=0.007, segment_iab-spider;dur=0.670, segment_bs;dur=0.004, segment;dur=0.990
alt-svc
clear
content-length
8
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ultimedia.com
vary
origin, user-agent
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
5f0uqp-S.jpg
medialb.digiteka.net/multi/3538x/ Frame D9F6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.digiteka.net/multi/3538x/5f0uqp-S.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.210.215.108 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
263d376e96229e84ba11c9708ad9f26daf2138498c86af090c9cf975a59d009e

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:04 GMT
last-modified
Wed, 12 May 2021 07:42:33 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609b86e9-54e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1358
expires
7d
5f0uqp-HC.jpg
medialb.digiteka.net/multi/3538x/ Frame D9F6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medialb.digiteka.net/multi/3538x/5f0uqp-HC.jpg
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.210.215.108 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a58d6ec0dce13e67c01bf06a5acf68a71c11d2a4fe66889315d39c2561b3380

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Jun 2021 15:11:04 GMT
last-modified
Wed, 12 May 2021 07:42:33 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"609b86e9-47ca"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
18378
expires
7d
truncated
/ Frame D9F6 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea69ea59ca3ff7df1c4ef8d2cba121bc6283567c21aed8ed5b9076f74f4f4603

Request headers

Origin
https://www.ultimedia.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame D9F6 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f2f22a824b04b7d2ed365b0a9e1b59864bf08dfd0f8d0a6ab6d8125d54a227

Request headers

Origin
https://www.ultimedia.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 9285 		2 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
04ce9086d4e84555aead139e022ae13af603cfef38693eaf4b6c8355643d2f48

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&dcc=t

Response headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
614
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4
ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/ Frame D9F6 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4?mdtk=02437542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.217.68.139 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.ultimedia.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
last-modified
Mon, 04 Jan 2016 16:06:40 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
etag
"568a9890-2d34e5"
x-mod-h264-streaming
*
content-type
video/mp4
Content-Range
bytes 0-2962660/2962661
access-control-allow-credentials
true
Content-Length
2962661
/
dig.ultimedia.com/v/ Frame D9F6 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dig.ultimedia.com/v/?e=r2ply&dif=18g0pq03x684nl794e&cl=&v=g5f0uqp&adt=1&mdtk=02437542&z=2&zm=null&adb=0&tp=0&cat=25&o=3fpsr&iv=0&vol=0&trg=d&pl=0&fs=2&pm=0&cs=&csga=0&csdc=0&csgs=0&cspa=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.37.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
NRJS-85cca59f12bf4593115
bam.eu01.nr-data.net/1/ Frame D9F6 		57 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-85cca59f12bf4593115?a=158799923&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=984&ck=0&ref=https://www.ultimedia.com/deliver/generic/iframe&be=759&fe=830&dc=762&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1624979463620,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:7,%22rp%22:174,%22rpe%22:175,%22dl%22:238,%22di%22:762,%22ds%22:762,%22de%22:762,%22dc%22:829,%22l%22:829,%22le%22:830%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 varnish
x-timer
S1624979465.659999,VS0,VE5
strict-transport-security
max-age=300
x-cache
MISS
content-type
text/javascript;charset=ISO-8859-1
x-cache-hits
0
accept-ranges
bytes
content-length
57
x-served-by
cache-hhn4038-HHN
/
dig.ultimedia.com/v/ Frame D9F6 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dig.ultimedia.com/v/?e=trgrd&dif=18g0pq03x684nl794e&cl=&v=g5f0uqp&adt=1&mdtk=02437542&z=2&zm=null&adb=0&tp=0&cat=25&o=3fpsr&iv=0&vol=0&trg=d&pl=0&fs=2&pm=0&cs=&csga=0&csdc=0&csgs=0&cspa=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.37.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
loader.js
play.adpaths.com/libs/iAb/vast/ Frame D9F6 		220 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.adpaths.com/libs/iAb/vast/loader.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d3a295979ae198a823b01b449773d012b7c21ba0e360ee4989ad8e5c098372c

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:07:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Apr 2021 08:53:35 GMT
Server
AmazonS3
Age
371
ETag
W/"c84a5bb08ab89b2cd3e44c7a828ead48"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
hC3hCh7M1w184882RVZIZUKOEMS8J2uPE-piE-F5vcKpvD9EaCIr-g==
bridge3.469.0_en.html
imasdk.googleapis.com/js/core/ Frame 6821 		576 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.469.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ultimedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ultimedia.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193037
date
Wed, 23 Jun 2021 22:53:46 GMT
expires
Thu, 23 Jun 2022 22:53:46 GMT
last-modified
Wed, 23 Jun 2021 22:49:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
490638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D9F6 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:04 GMT
/
dig.ultimedia.com/v/ Frame D9F6 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dig.ultimedia.com/v/?cp=srzvr&e=prreq&dif=18g0pq03x684nl794e&cl=&v=g5f0uqp&adt=1&mdtk=02437542&z=2&zm=null&adb=0&tp=0&cat=25&o=3fpsr&iv=0&vol=0&trg=d&pl=0&fs=2&pm=0&cs=&csga=0&csdc=0&csgs=0&cspa=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.37.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
transfer-encoding
chunked
/
www.ultimedia.com/deliver/statistiques/tagcall/ Frame D9F6 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/deliver/statistiques/tagcall/
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 29 Jun 2021 15:11:05 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
sd
eu-u.openx.net/w/1.0/ Frame 5B00
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5e5160db-3809-4400-a007-2f4030536b73
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5e5160db-3809-4400-a007-2f4030536b73
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 29 Jun 2021 15:12:54 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5e5160db-3809-4400-a007-2f4030536b73
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Jun 2021 15:12:53 GMT
sd
us-u.openx.net/w/1.0/ Frame 5B00
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rm7T0atmh4u1P4-B_Wqag6hsgYq1ONbW_m-5l2gm
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rm7T0atmh4u1P4-B_Wqag6hsgYq1ONbW_m-5l2gm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=rm7T0atmh4u1P4-B_Wqag6hsgYq1ONbW_m-5l2gm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5B00
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5335556453911362704
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5335556453911362704
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5335556453911362704
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5B00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=db1357f7-1ded-3d81-4c9f-83bf805cb487&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5B00 		170 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjc3Yzg0M2QtZDQ5YS02MzI1LTU5N2YtZDkwNjRhYmU3YWU3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5B00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHJ_e9zI9yIli_cDsOIdWxw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHJ_e9zI9yIli_cDsOIdWxw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=ee6538a3-2829-4b5c-889c-8d4e60212533&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHJ_e9zI9yIli_cDsOIdWxw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788214285708128&correlator=1752652724992393&output=ldjh&impl=fif&vrg=2021062408&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=359%2Citpro.co.uk%2Csecurity%2Czero-day-exploit%2Cchrome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&prev_scp=position%3Dright_1%26placement%3Dright_1%26refresh%3Dyes%26article-type%3Dnews%26author%3Drene-millman%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26amznbid%3D2%26amznp%3D2%26ix_oath_cpm%3D300x250_370%26ix_oath_id%3D_CjU6IxEG&cust_params=article-type%3Dnews%26author%3Drene-millman%26client%3D%26contentType%3Darticle%26main-purpose%3Dbuild-brand%26node-id%3D359823%26original-publication-date%3D20210609%26page-type%3Dnode-article%26publication-date%3D20210609%26siteName%3Dit-pro%26sponsored%3D0%26tags%3Dgoogle-chrome%252Cmalware%26category%3Dzero-day-exploit%26all-categories%3Dchromium%252Cweb-browser%252Cmalware%26topic%3Dchrome%26amp%3Dno%26pageview-guid%3D304485ba-c13e-47c6-8a70-dba97b08cc96%26breakpoint%3Dminwidth1420px%26campaign%3D%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3D021e4954e7863874%3AT%3D1624979463%3AS%3DALNI_MaVdyfP2pPcI49WSV3l_KlN9FYWFg&bc=31&abxe=1&lmt=1624979464&dt=1624979464691&dlt=1624979461391&idt=1900&frm=20&biw=1600&bih=1200&oid=3&adxs=1024&adys=642&adks=418234109&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&psts=AGkb-H-RYuhul_9d9f4GifaBPGtKtIKgx8byOjthmEMOMUpoTis4ORYoyQs4kxRZm_njyNtmFoZGH3S1ke4S6XvAiF3An83O%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-bpaSifbguZAsRpIjxkc5ceunzS9O7l3IysWEYik1nqneVFnZNPZFCWt90U8sppcLLz7b289mEZrVuH9wGjWv1xbej&ga_vid=2052819291.1624979462&ga_sid=1624979463&ga_hid=41988246&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
dc090156697f23e38f73a05108982f9245bb244a07c9cea746a06ceb2a6b3cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5486
x-xss-protection
0
google-lineitem-id
5546725408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331919016
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=208295&u=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&v=3
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.76], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.itpro.co.uk
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Tue, 29 Jun 2021 15:11:04 GMT
integrator.js
adservice.google.com/adsid/ Frame D9F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ultimedia.com
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3DAD 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Jun 2021 16:03:23 GMT
amzns2s
rtb.gumgum.com/usync/ Frame D550 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b2348138cf45f4fecb071e3d4e563a20c04fd50a5751511a18e3d9036a4d498b

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3; Domain=.gumgum.com; Expires=Wed, 29-Jun-2022 15:11:04 GMT; Path=/; Secure; SameSite=None
etag
W/"040af15fbe286a0b8c8e8a4e7df9537a8"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 1C69 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
868abe3dddd718ef1b9cd96047c24104ee7f84367eb58d9e64acf85681a633ac

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAMuwQE*; CMST=YNs4CGDbOAgB; CMID=YNs4CD6PnFRWnhwQx6OEPgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|65|47|105|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1792
Expires
Tue, 29 Jun 2021 15:11:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YNs4CD6PnFRWnhwQx6OEPgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Jun 2022 15:11:07 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Sep 2021 15:11:07 GMT CMPRO=1206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Sep 2021 15:11:07 GMT CMRUM3=ce60db380b05a0&2d60db380b05a0&6960db380b05a0&e660db380b2760&2760db380b0b40&f160db380b05a0&4160db380b05a0&2f60db380b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Jun 2022 15:11:07 GMT CMST=YNs4CGDbOAsB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 30 Jun 2021 15:11:07 GMT CMDD=AAMuwQE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 30 Jun 2021 15:11:07 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 61AB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=20202
expires
Tue, 29 Jun 2021 20:47:47 GMT
date
Tue, 29 Jun 2021 15:11:05 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F7E8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Jun 2021 15:11:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/58252/ Frame 2CC1 		0
0
cm
u.openx.net/w/1.0/ Frame A811 		613 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
fdf89a316c785a9776575b937a81de327202a4e2bb364cdd5cba4f31e72d7cde

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=08bf68ae-b46a-0276-1649-4b57e47b877a|1624979464; pd=v2|1624979464|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=08bf68ae-b46a-0276-1649-4b57e47b877a|1624979464; Version=1; Expires=Wed, 29-Jun-2022 15:11:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624979464|kigqiyommOgevNgunsn0gi; Version=1; Expires=Wed, 14-Jul-2021 15:11:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1AEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=districtm&gdpr=0
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=districtm&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=districtm&gdpr=0
AN-X-Request-Uuid
aa14de85-13b0-4dc4-9d24-a220cdec505c
Set-Cookie
uuid2=3796571410758066839; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Sep-2021 15:11:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A1E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=appnexus.com&gdpr=0
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=appnexus.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Tue, 29 Jun 2021 15:11:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3796571410758066839&ex=appnexus.com&gdpr=0
AN-X-Request-Uuid
7b990879-5c65-42ed-ad0b-1738201e1190
Set-Cookie
uuid2=3796571410758066839; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Sep-2021 15:11:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
Cookie set amazon
ap.lijit.com/beacon/ Frame CE88 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_ox-db5_dm_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
2232006081dcfc75ed7c5a966f351e155deb864caa1a41485ea3116218af7304

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=3df58d26135d68fa6661dbc5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Tue, 29 Jun 2021 15:11:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjKxVLIyNDMyM7SwNDCz0FEyRuVaGqDyjczAfFMDIyMzEN%2FQCFm%2BFgCNghA1;Path=/;Domain=.lijit.com;Expires=Wed, 29-Jun-2022 15:11:08 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Wed, 29-Jun-2022 15:11:08 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=3df58d26135d68fa6661dbc5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap4ams1
NRJS-85cca59f12bf4593115
bam.eu01.nr-data.net/events/1/ Frame D9F6 		24 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-85cca59f12bf4593115?a=158799923&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=1171&ck=0&ref=https://www.ultimedia.com/deliver/generic/iframe
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 varnish
x-timer
S1624979465.800809,VS0,VE3
x-served-by
cache-hhn4038-HHN
strict-transport-security
max-age=300
x-cache
MISS
content-type
image/gif
access-control-allow-origin
https://www.ultimedia.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
24
x-cache-hits
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A811 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=83c52b8a-0147-867b-8c91-0128e86f7f67&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:05 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
4fd431b3-8d41-afc8-7d48-954a7f0b79ce
pr-bh.ybp.yahoo.com/sync/openx/ Frame A811 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4fd431b3-8d41-afc8-7d48-954a7f0b79ce?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A811
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8Cde0X0j1LYfod5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8Cde0X0j1LYfod5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8Cde0X0j1LYfod5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A811
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=512e0949-b22d-4252-8e93-840d339e41a5
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=512e0949-b22d-4252-8e93-840d339e41a5
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=6052f4ee-8ca0-4efb-9eb7-56dcae4a00d8&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=512e0949-b22d-4252-8e93-840d339e41a5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=512e0949-b22d-4252-8e93-840d339e41a5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=512e0949-b22d-4252-8e93-840d339e41a5
date
Tue, 29 Jun 2021 15:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame A811
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3796571410758066839
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3796571410758066839
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3a7c611b-63dd-4afe-b007-6580ce2a26ee
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3796571410758066839
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame A811
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCM3FVN0J0bkFBQURhRnJrUU9vQQ&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiato...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB3qU7BtnAAADaFrkQOoA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Csyn%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB3qU7BtnAAADaFrkQOoA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cox%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1789915405922152302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB3qU7BtnAAADaFrkQOoA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dsyn%252Cox%26...
  • https://match.prod.bidr.io/cookie-sync?userid=1789915405922152302&bee_sync_partners=syn%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB3qU7BtnAAADaFrkQOoA&pid=55...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dox%26bee_sy...
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
601014389
access-control-allow-origin
https://u.openx.net/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1789915405922152302%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D5
Date
Tue, 29 Jun 2021 15:11:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ads
pubads.g.doubleclick.net/gampad/live/ Frame 6821 		156 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?sz=640x480&iu=%2F359%2FDigiteka_ITPro&cust_params=zone-ros&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&description_url=https%3A%2F%2Fwww.itpro.co.uk%2F&correlator=745049993220797&gdpr=0&gdpr_consent&sdkv=h.3.469.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&addtl_consent=1~&sdki=44d&adk=1683573865&sdk_apis=2%2C8&media_url=https%3A%2F%2Fngs30c.digiteka.net%2F89549deb7c8326238637333618764ebf%2Fc3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw%2C%2C%2Fsdc1%2F31%2F66%2F3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4%3Fmdtk%3D02437542&sid=93D65ED9-C84D-468F-BF06-6A38A11FCF07&eid=420706097&ref=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dt=1624979464891&scor=3406665047509346&ged=ve4_td1_tt0_pd1_la1000_er0.0.152.300_vi0.0.384.683_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062408&jk=788214285708128&bg=!iomlic3NAAYo4NJEKOA7ACkAdvg8WihnNfmERFnni4tET9oQfTjTko5yiLqzOlC_teYCyjPlE-RfdAIAAAK3UgAAAE5oAQcKAR_BK3jZu9tmlutxIqxCSg3JzKC_DXmbdQjeiEHYHzUQsIptuOZekSsWNgs1JfXGfJv3Xajs9qZoq6zD2k0qZZ-onQx204wTpVeuZTC562YVTwTCQ-Ppu2xtmsJl2SxqGGGM5mWgPK8d4_0xoRTYCEjA0tZpMHSm8ripo6KEBv37hr9Bud25hu41nGy3UbgsG8U7FEzz4-4jeGDer42tyPTO5g_blUASdGPJgzoTo2J0x6mQCNIWt8ZtOcRuY_cvog5CUr_-Y1XEhvFmDMElfIOTrYTWNREm9g702YDFgEzG53N1HJBh13VSWt2Xy6YYhn3izDVDosdC7B4h-n-mDcb67zPVy_zYDRLNND9sz_EgBXYIkriy09YSWHTPRgCBaJkCe28jgVx-5JdjXvUJe91_qhaAy2eS6SgzcM-_JYACaliGjdXF693V8ZHR9DBO2RlIFBqtOQFukinuv9i2C37IK6a0d3Ac2Y2mVzM9qFaqU5poOiym_PfbUoh-U48ISM4FT8j4fmh2hwROpDCk3YuIG810cSzIbugPAJnN2PQx8VZOl2mp5FSuAvC5qXi8PhAJG5exJpU2Tes4uWbpnDYAuNaRU4I2hvrMPsArc1P9TTD8x_1K8Fbl_zjjrd9MaOVeffxUC0lU6VKYdePRQB-foJiKc_iUZwtX6GGBM4RBawQ_qaJUlZZKCMxKogi4v8s9Je2H8eQMjJjXbn8K83fOFqOhBdBtls4scWBtLrnKzz_SBx5uJA7-cUAHKkgJjbaSz6nbGNit32aAj_rp8rmNyDUxdvN8v8jVvJy6vO6SAy_euG74yFQKDI08DTWYSF9Go8AoDzVb2SLBmTj3kxl_woI5M_sfDOrJKpSrhs4BuvwZOJMsr6Scm9w1b-4olO-DJT53h4d7a_IsL5ujxAV5hzqkHORyT3PHaEGyZDCNNWa3QCwu7qbNKMyr8SgLvG6wOAEsr8tt4XtEGd8L_4B9BWA4A5qn6BpvYH21Oemu0FRm1KxVN9cVPDqFm-a3g0udGtdhcNxjFObfWhLan0pm8UYhpZmTmqLfZnojHEXXDORImzJAVWiyek21HNPHO7fpFdrZvyLWRco_cX1tOUOlCkb3tyKtNwaaWii8A66GV8UEs1e4bQv4MfZMcvHDuXJStbzNpY0HPbbplgGyxaXKSgFBbgcSVqJdT4FqxZjk_9_2ANaCRcXdqhzb9bfbxvxclp9_LTEOTyXOrv3Z
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3796571410758066839
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3796571410758066839
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:04 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b972882-8442-4c3c-8470-ec53b12dd558
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3796571410758066839
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5
  • https://rtb.gumgum.com/usersync?b=bsw&i=512e0949-b22d-4252-8e93-840d339e41a5
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=512e0949-b22d-4252-8e93-840d339e41a5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=512e0949-b22d-4252-8e93-840d339e41a5
date
Tue, 29 Jun 2021 15:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncUser
sync.outbrain.com/ Frame D550
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&obuid=ENC(H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b)
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&obuid=ENC(H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b)
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-TraceId
b8bb44e4bbc97040fb2be18dcf7551e
Date
Tue, 29 Jun 2021 15:11:12 GMT
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&obuid=ENC(H1mZk35g5WhNGSon2vrIqrZljamlMapsDz_Jpcf-BTQSJ63i1_7t2_391rembV4b)
date
Tue, 29 Jun 2021 15:11:08 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=2c2ef387-35f8-05d7-2be4-9352480cb5c1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=2c2ef387-35f8-05d7-2be4-9352480cb5c1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=2c2ef387-35f8-05d7-2be4-9352480cb5c1
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame D550 		0
0
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-5olcS4dE2pf3UZw_7EOpziOpFERo00DRLS6L~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-5olcS4dE2pf3UZw_7EOpziOpFERo00DRLS6L~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Tue, 29 Jun 2021 15:11:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-5olcS4dE2pf3UZw_7EOpziOpFERo00DRLS6L~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
sync.ipredictive.com/d/sync/cookie/ Frame D550 		0
0
services
sync.technoratimedia.com/ Frame D550 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
592622765
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame D550 		0
0
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=4d0477c8-493f-4834-919c-97243ccce6f9
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=4d0477c8-493f-4834-919c-97243ccce6f9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=4d0477c8-493f-4834-919c-97243ccce6f9
date
Tue, 29 Jun 2021 15:11:05 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=SYMw3lgFlBac&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=SYMw3lgFlBac&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=SYMw3lgFlBac&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-htknh
expires
-1
usersync
rtb.gumgum.com/ Frame D550
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=4452596173672099665&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=4452596173672099665&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=4452596173672099665&gdpr=1&gdpr_consent=
date
Tue, 29 Jun 2021 15:11:10 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D550 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:05 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9755
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 29 Jun 2021 15:11:05 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 29 Jun 2021 15:12:54 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3799 851f7e8 master cdg-pixel-x29
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=e0f460db-3809-4800-9dd0-914714928bca; domain=.mathtag.com; path=/; expires=Wed, 27-Jul-2022 15:11:05 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=e0f460db-3809-4800-9dd0-914714928bca&gdpr=0&gdpr_consent=
Expires
Tue, 29 Jun 2021 15:12:53 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 3791
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
85 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YNs4DAACTR7i8QA4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
age
2018
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
15771
x-timer
S1624979469.735678,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YNs4DAACCj9ngABg; Path=/; Domain=.everesttech.net; Expires=Wed, 29-Jun-2022 15:11:08 GMT; Max-Age=31536000;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YNs4DAACCj9ngABg
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624979469.614925,VS0,VE93
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2B9B 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZWQ0MjlhZi00ZDdmLTQ2MzMtYWU3NC0wYjkwYmYwOGI3YjM=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZWQ0MjlhZi00ZDdmLTQ2MzMtYWU3NC0wYjkwYmYwOGI3YjM=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmCoMHydYToczYUK8OZkO-G-OTrNLaSp27HjGV8Meejp2Vvf_e7uN0Y2vqR-w4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Tue, 29 Jun 2021 15:11:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D56 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=20202
expires
Tue, 29 Jun 2021 20:47:47 GMT
date
Tue, 29 Jun 2021 15:11:05 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 38DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip180.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2020008
server
33XP001
date
Tue, 29 Jun 2021 15:11:14 GMT
usersync
rtb.gumgum.com/ Frame 5A7F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3ed429af-4d7f-4633-ae74-0b90bf08b7b3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Tue, 29 Jun 2021 15:11:04 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=c98e1ae0-597c-4d14-8f74-2b18e892634c&t=1627571464
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=c98e1ae0-597c-4d14-8f74-2b18e892634c; domain=.adsrvr.org; expires=Wed, 29-Jun-2022 15:11:04 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwju7YWJ28bdORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Wed, 29-Jun-2022 15:11:04 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 7FDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Tue, 29 Jun 2021 15:11:06 GMT
content-length
0
idsync
tg.socdm.com/aux/ Frame 1798 		0
0
usersync
rtb.gumgum.com/ Frame 8547
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=875739027945780747
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=875739027945780747
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=875739027945780747
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 29 Jun 2021 15:11:12 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 29 Jun 2021 15:11:12 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRiaW5pYm5kaGIEAHzbsAIQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 24 Jul 2022 15:11:12 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAytzQxNbcwMDcxF-Iz1E0ONQvMCcnJ8TIvqZDiNTQzMrEEKjA3MjQxAgD_W-KCMwAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 24 Jul 2022 15:11:12 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAytzQxNbcwMDcxF-Iz1E0ONQvMCcnJ8TIvqQAAmIVOYiQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=875739027945780747
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 97D3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 29 Jun 2021 15:11:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Tue, 29 Jun 2021 15:11:11 GMT Tue, 29 Jun 2021 15:11:11 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=zjXq7yvBZBv3snHo4lvv&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106212012000/ Frame DE30 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55206
x-xss-protection
0
server
sffe
date
Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e7b47afdadb9c9"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 16:10:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame DE30 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4815
x-xss-protection
0
server
sffe
date
Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9c6d4b511682de4a"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 16:10:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame DE30 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27658
x-xss-protection
0
server
sffe
date
Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"89763648e638c628"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 16:10:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame DE30 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1490
x-xss-protection
0
server
sffe
date
Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9b373dc53e7b532"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 16:10:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame DE30 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12852
x-xss-protection
0
server
sffe
date
Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"432397294f345717"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 16:10:14 GMT
truncated
/ Frame DE30 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0e26c9f6e25eb18b5431e8cfc26cd26c6379d4513016c36f3438ef7dd5bb533

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
12679658267762343183
tpc.googlesyndication.com/simgad/ Frame DE30 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12679658267762343183?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkAEfi_Nmda8hY7f1hS-b5GSaq2Ig
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82365680ddb2173ed757ef8ed4406085685a53b3ce36759cc31e91b151946806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 12:16:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 10:09:53 GMT
server
sffe
age
528873
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57122
x-xss-protection
0
expires
Thu, 23 Jun 2022 12:16:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE30 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 07:15:41 GMT
x-content-type-options
nosniff
server
cafe
age
28523
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 30 Jun 2021 07:15:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE30 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 10:45:56 GMT
x-content-type-options
nosniff
server
cafe
age
15908
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 30 Jun 2021 10:45:56 GMT
l
www.google.com/ads/measurement/ Frame DE30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLjRPBFJUA2onZShWIixox2QnkQMjCFt9v2Yj0EBfkVWjEcHzS-H5gLBACH6PGwa2ZLlOnQGSU7tBiCqIetxTCx9k9fQ
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame DE30
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 29 Jun 2021 15:11:05 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4
ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/ Frame D9F6 		13 KB
13 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4?mdtk=02437542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.217.68.139 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b1023158c297279e5f7d966d96922e6323ba525147a8118b2ed21ca58e93e849

Request headers

Referer
https://www.ultimedia.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=2949120-

Response headers

date
Tue, 29 Jun 2021 15:11:05 GMT
last-modified
Mon, 04 Jan 2016 16:06:40 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
etag
"568a9890-2d34e5"
x-mod-h264-streaming
*
content-type
video/mp4
Content-Range
bytes 2949120-2962660/2962661
access-control-allow-credentials
true
Content-Length
13541
adview
securepubads.g.doubleclick.net/pagead/ Frame DE30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGakSCDjbYLaiHtKR7_UP346M4AyyxNqOYpK35db4Dd3q0ousGxABINuv4Rpg9ZXOgeAEoAHjz5m_A8gBAuACAKgDAcgDCKoEzAJP0E5p7SeWAQIaZFQH1rK5n5mdDPY9AVXc2EyIv2hBmWcFIvHjKzdrQNIndK1lEKBFVj67nmKCd2R7wfPy3pgV_1kDrPuj8-CN9Vp3PPB3whWUPKofwYfrZrwtD6El1J-hwcPZFVTHWiQZQvlsApt7EzWIYugonZZ1QuAwHLONJmmRl1GdJKsFfNSTw98L9Gio_5i_6hlZTtA6R16WeND_KnUgY7USK5CTp-qgnKQtNgagpyjkGvtQnNMrSESmmOEFKBX00FuqfpvvTQiv5Y3dFAMpeZld-0DN2R714kftXePyKnidIXgbzq9Mx6QyBoGQrKwLY7v37PCjZKlNo_fEt-3kDYxoUhhe_79XlJqLUWuGh_dRiLhQv0BUPLVuipMHvmBYSCPjPEtL2fc7tVu3_lfkn4eq06Q2hNMHMa6u1i0E3S8Sb3avBUCD_cAEr-PRpvgC4AQBkgUECAQYAZIFBAgFGASgBgKAB4DenT6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzJ4u0ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02OTkzNjI3Mzg2MzI3ODA4&sigh=7rgdv8iqm7o&cbvp=2
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4
ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/ Frame D9F6 		96 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://ngs30c.digiteka.net/89549deb7c8326238637333618764ebf/c3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw,,/sdc1/31/66/3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4?mdtk=02437542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.217.68.139 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.ultimedia.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 29 Jun 2021 15:11:05 GMT
last-modified
Mon, 04 Jan 2016 16:06:40 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
etag
"568a9890-2d34e5"
x-mod-h264-streaming
*
content-type
video/mp4
Content-Range
bytes 32768-2962660/2962661
access-control-allow-credentials
true
Content-Length
2929893
view
securepubads.g.doubleclick.net/pcs/ Frame 2CDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXS5YYOxlArnIcWN9QccQT2x6hKM8G3LyV_4_9RT58OobOKlqzoXmVWwHT6dsT8_PXRAge2C2xxOx1zw-Ta9DZFRDZyDUaBBx-g5F1pnmRj8BAXRXMAHsas-3Z8y5COg7LVCYaYM2eSaFLqTiu3uZA1HDZkRWkL4FvoJHCQ1Y6wqRHHO5ctfuy30kLp0tASjfeKg3iXJAI_u02On1HElxexoH0cpZ4ri6nWkKiab64oM2toKF6cRaAWlYC9o7UnAFwxb2cNjblHnNuUFXwwhEsdgm3c2v0ANxwZ3Df6-vfn0Yf3E3casMqmjfZqBT8ctZBs-4Jc9uUnt5RbiRo2f0&sig=Cg0ArKJSzInp-TD42dc0EAE&urlfix=1&adurl=
Requested by
Host: t.co
URL: https://t.co/0u0PXZrkTP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2CDF 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879993577808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38803
x-xss-protection
0
expires
Tue, 29 Jun 2021 15:11:05 GMT
pixels
www.itpro.co.uk/security/zero-day-exploit/359823/%3Cscript%20type='text/javascript'%3Evar%20adContent%20=%20'';adContent%20+=%20'%3Cscr'%20+%20'ipt%20type=%22text/javascript%22%20src=%22https://ser... 		0
0
/
track.adform.net/adfscript/ Frame 0D7A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=47244941;rtbwp=4.646535;rtbdata=VScbB5JZwQYUfnZx0tc2oQfvoWxedkaEBXZ15jTD_11oYv1X4eA_IiUj5btkpEZ0G2Y2UDgDIImgXq9iJgtaS0HHuaqghoCmL1yDLGT21ONjs3LzooiWllVlnH2CEwiezKKyxesIzqCvhRfEtqUPHmZi6Hpn5ZF6T9QMH240rTHbFbdzkOqstj_Nm4-C4gaSbOaB52-xldskPTIgj7LJ_ejGeWH89bNVJ0DQRIl3PLqwGuU78YVK-BjVS3AwzcKbDnOsQ84Aez0A41n_PKKfqdCbdH8FlFd2-Wl__8ZlO7h1JNsjRdNvK8s-6YWf9XROsb0xWde9PHO_J7_QTDWbwMN-1gsNOJHV4UFuhV40q881
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5406b5dc9d90c70704838ee9b158a1a91dfa3557141f77cc0559fd047d936abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
921
expires
-1
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 0D7A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55953,55986,57926,55965,56554,55853,55944,55973&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e0f752422267c7f065056163ce76a5b606b11c48af03549fcc90c4bf0b37e70f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:05 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
talon-1.0.31.js
s.yimg.com/ix/ Frame 0D7A 		57 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 12:03:39 GMT
x-content-type-options
nosniff
age
11247
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
Bg3djTH0vlCYpSNnuQRwufNf5JhTNmYaDxWz7HDoKhCCu/GF6+gGjD41IS7+gkazevrDC4X/+SI=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
XRH1NPGDGXNQ7FA2
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adfeedback-1.0.105.js
s.yimg.com/cb/af/ Frame 0D7A 		115 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.105.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1c1c2fb8251cd4ed4384912ee1dd9aa7c73528f8410617b565f74b465499e389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 29 Jun 2021 12:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11247
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
29784
x-amz-id-2
2dCXQ9L3MoZn7bulEPJZvZb7X6cohGsph+WTj1XU5YJbDukLer2IiJoNpcuPVBWdM+CX44epGOc=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Apr 2021 17:02:27 GMT
server
ATS
etag
"1f4b16eda01bd9a1738b21511ad5d794-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
XRHBPJV7WAPGCHWZ
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adEvent.do
eu-central-1-web.ssp.yahoo.com/admax/ Frame 0D7A 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-web.ssp.yahoo.com/admax/adEvent.do?tidi=770940313&dcn=8a969149017575756568765396600062&posi=1271159&grp=%3F%3F%3F&nl=1624979464176&rts=1624979464061&pix=1&et=1&a=a96474de9eeb42dca5b5a81b173b715e&m=aXAtMTAtMjItMTIzLTE1OA..&p=MC4wMDQ2NDY1MzU&b=MTMzMjg7NjI3MDtzd2lzc3F1b3RlLmNvbTs7OztmZDBiMzUyMGUwY2Y0YzU4YTI0MmQ0N2U1ZTNmMzZlNzsxMjczMDgyNTsxNjI0OTc3MDAzOzswLjAwMzcxNzIyODs7MA..&uid=e6bfj4pgdme08%26b%3D3%26s%3Dqd&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxDSEU.&hb=true&type=0&af=2&dety=2
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:06 GMT
Last-Modified
Mon, 28 Jun 2021 17:18:26 GMT
Server
ATS/7.1.2.128
Age
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
truncated
/ Frame 2CDF 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb69b85ecd4fe4364991a48a7b8271e79fac3c1d8ec97d563ae3ddf769381919

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame EA19 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931015&campId=300x250&pubId=4949190943&chanId=22446486311&placementId=5546725408&pubCreative=138331919016&pubOrder=2779437835&cb=2047563928&adsafe_par&impId=&custom=right_1&custom2=article&custom3=it-pro&custom4=&custom5=
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3ee2e4eeb5b7ebf68fafdd8395805ba0e677ba1a4d6cc6bac85a8be01cb3635a

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
content-encoding
gzip
x-server-name
app36.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
main.gr.19.8.212.js
static.adsafeprotected.com/ Frame EA19 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.212.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
853b5df92360c4d523db2cb22f0e093ed15ced3448ab87f5c715645c7fc2f36f

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 20:24:35 GMT
content-encoding
gzip
age
67591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 28 Jun 2021 20:08:57 GMT
server
AmazonS3
etag
W/"a5a5b400747f2b2d9a9b733f2f2dd17b"
vary
Accept-Encoding
x-amz-version-id
6wXsLE5Z3KPM2aaHNHQvLpv8FVlQA3AT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
hH2QNbeKof_CRA4XAe8IjdYolqF6JaTUvyEDFSeXOPcNLEuTPIShzA==
sca.17.5.5.js
static.adsafeprotected.com/ Frame 2892 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 00:43:18 GMT
content-encoding
gzip
age
1434468
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
M-WoH_jJq0hxzzpuJiunuhHGAo_UsPDP0_pU1X-qXDR-IuL3Ubztrw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931015&campId=300x250&pubId=4949190943&chanId=22446486311&placementId=5546725408&pubCreative=138331919016&pubOrder=2779437835&cb=2047563928&adsafe_par&impId=&custom=right_1&custom2=article&custom3=it-pro&custom4=&custom5=&adsafe_url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.itpro.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:df1f8e55-9062-b8d2-73c9-a46aaab2b5da,c:gWAyDK,sl:inView,em:true,fr:true,mn:app36ie,pt:1-5-15,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:79,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:154,oid:399e7728-d8ec-11eb-8c0d-06c3831123e5,v:19.8.212,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:05 GMT
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyE3,pingTime:0,time:173,type:pf,im:%7BpBlk:167%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:173,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B90~100%5D,as:%5B90~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt64.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyEa,pingTime:-2,time:180,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:168,beZ:170,mfA:248,cmA:249,inA:249,inZ:254,prA:254,prZ:316,si:323,poA:324,bl:336,poZ:336,cmZ:336,mfZ:336,loA:343,loZ:345,ltA:348,ltZ:348%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:180,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~100%5D,as:%5B97~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5Bgoogle_ads_iframe_/359/itpro.co.uk/security/zero-day-exploit/chrome_6,google_ads_iframe_/359/itpro.co.uk/security/zero-day-exploit/chrome_6__container__,refresh-desktop-side-19,main,root%5D,sinceFw:24,readyFired:true%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt63.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyEV,time:227,type:e,im:%7BpWait:6%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:227,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B144~100%5D,as:%5B144~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt62.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 61AB 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57541314&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c716194480e94aee8bec89b91917cb4fdc9954e442e33c2802b61c711f2331ff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:06 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
eum-eu-west-1.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 29 Jun 2021 15:11:09 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyIW,pingTime:-10,time:476,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1624979466089%7C%7C1695ebd5e0e922ee4f5274365694148a%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C0d64137382f906fb5c538e198855a9cd%7C%7C1ecf805b283b262f5f2228dfbf79d1ed%7C%7Ce3e3af9698415c2bdb14701c55a17a85%7C%7Cbcb35ba49ecb362b02e0e2fc2cf2aa28%7C%7C43872349bc9ef81890fbc4a60f92b5cb%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt56.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usync.js
eus.rubiconproject.com/ Frame F7E8 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 15:11:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60853
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Wed, 30 Jun 2021 08:05:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DE30 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvra6JflkYN3IrtWKOwmznLOolNBqWOkZA1ewaK9b4b69lf__4cjuXvdKHXS_K7O6mPlcsD83Uo254PwJ32Tlm1C3dRrcYM5D4io6RFIi7LcifJWHvcSGJ3tnQ&sai=AMfl-YRSjKqdEtAGhlzyeMdxviootpcLDIq-sbwu90oNeVXpRu0lB6RwRQQIcYinTZyBMZXZ4cRLJna69X0-50Fd87PoHvvp1l_ONwHYL0OLsUhu77AwPO1w42y17qk&sig=Cg0ArKJSzFukz3GBUmdbEAE&cid=CAASFeRocP_9ohX1Qu8USDt8z4qGDJRqIQ&id=ampim&o=315,140&d=970,120&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=107&tls=1107&g=100&h=100&tt=1107&r=v&avms=ampa&adk=3231241921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame F7E8 		284 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
/
dig.ultimedia.com/v/ Frame D9F6 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dig.ultimedia.com/v/?cp=skfxq&e=prreq&dif=18g0pq03x684nl794e&cl=&v=g5f0uqp&adt=1&mdtk=02437542&z=2&zm=null&adb=0&tp=0&cat=25&o=3fpsr&iv=0&vol=0&trg=d&pl=0&fs=2&pm=0&cs=&csga=0&csdc=0&csgs=0&cspa=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.37.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
transfer-encoding
chunked
/
www.ultimedia.com/deliver/statistiques/tagcall/ Frame D9F6 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ultimedia.com/deliver/statistiques/tagcall/
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.8.31 , France, ASN16276 (OVH, FR),
Reverse DNS
dtk-lb-gra11.dginfra.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 29 Jun 2021 15:11:06 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
/
dig.ultimedia.com/v/ Frame D9F6 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dig.ultimedia.com/v/?req=%5B%7B%22bc%22%3A%22dfp%22%2C%22cp%22%3A%22skfxq%22%2C%22cur%22%3A%22EUR%22%7D%5D&e=hbdrq&dif=18g0pq03x684nl794e&cl=&v=g5f0uqp&adt=1&mdtk=02437542&z=2&zm=null&adb=0&tp=0&cat=25&o=3fpsr&iv=0&vol=0&trg=d&pl=0&fs=2&pm=0&cs=&csga=0&csdc=0&csgs=0&cspa=
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.37.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
transfer-encoding
chunked
integrator.js
adservice.google.com/adsid/ Frame D9F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ultimedia.com
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 15:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6821 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=745049993220797&sz=640x480&url=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&iu=%2F34631970%2Fca-video-pub-7026431251527825-tag%2Fuk-itpro&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26adl_dis%3D-1%26adl_ok%3Dtrue&description_url=https%3A%2F%2Fwww.itpro.co.uk%2F&gdpr=0&gdpr_consent&sdkv=h.3.469.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&addtl_consent=1~&sdki=44d&adk=862705746&sdk_apis=2%2C8&media_url=https%3A%2F%2Fngs30c.digiteka.net%2F89549deb7c8326238637333618764ebf%2Fc3BlZWQ9MTUwO3VzZXI9bmdzO2V4cGlyZT02MGRkZGIwNw%2C%2C%2Fsdc1%2F31%2F66%2F3166ed1df70482b5e5f00d0f43f44e4baf734148.mp4%3Fmdtk%3D02437542&sid=93D65ED9-C84D-468F-BF06-6A38A11FCF07&eid=420706097&ref=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dlt=1624979463858&idt=1012&dt=1624979466334&scor=3406665047509346&ged=ve4_td2_tt1_pd2_la2000_er0.0.152.300_vi0.0.384.683_vp100_ts1_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F7E8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQI6TGX4-4-IDSX&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQI6TGX4-4-IDSX&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:06 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQI6TGX4-4-IDSX&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0D7A 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Jun 2021 18:02:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F7E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAoRDZ2TmJoqOxYJSOKvup4&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAoRDZ2TmJoqOxYJSOKvup4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAoRDZ2TmJoqOxYJSOKvup4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame F7E8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F7E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJNlRHWDQtNC1JRFNY&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJNlRHWDQtNC1JRFNY&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FJNlRHWDQtNC1JRFNY&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame F7E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQI6TGX4-4-IDSX&sigv=1&esig=2~85602aca843e4aaaac1b56289a40844cf7591df7&gdpr=0
0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQI6TGX4-4-IDSX&sigv=1&esig=2~85602aca843e4aaaac1b56289a40844cf7591df7&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:06 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQI6TGX4-4-IDSX&sigv=1&esig=2~85602aca843e4aaaac1b56289a40844cf7591df7&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F7E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Tue, 29 Jun 2021 15:12:55 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Jun 2021 15:12:54 GMT
709414.gif
id.rlcdn.com/ Frame F7E8 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame F7E8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=YNs4DAACTR7i8QA4
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YNs4DAACTR7i8QA4&gdpr=0&_test=YNs4DAACTR7i8QA4
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YNs4DAACTR7i8QA4&gdpr=0&_test=YNs4DAACTR7i8QA4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624979469.746754,VS0,VE0
x-served-by
cache-hhn4034-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YNs4DAACTR7i8QA4&gdpr=0&_test=YNs4DAACTR7i8QA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame F7E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DcSMIFDISpEpPHaqaeBtDg?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1511715280789492473
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1511715280789492473
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Tue, 29 Jun 2021 15:11:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1511715280789492473
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyUd,pingTime:1,time:1175,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1175,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1092~100%5D,as:%5B1092~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt69.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyUe,pingTime:1,time:1176,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1176,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1093~100%5D,as:%5B1093~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt66.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAyUe,pingTime:1,time:1176,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1176,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1093~100%5D,as:%5B1093~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
x-server-name
dt65.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
match
c1.adform.net/serving/cookie/ Frame 531A 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=18F41E3D-ABD2-4CEA-860D-A88018DD394B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=18F41E3D-ABD2-4CEA-860D-A88018DD394B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=5335556453911362704
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:07 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5335556453911362704; expires=Sat, 28 Aug 2021 15:11:07 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E771
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_699=22727-AAB3qU7BtnAAADaFrkQOoA; PugT=1624979465; PUBMDCID=3; KADUSERCOOKIE=18F41E3D-ABD2-4CEA-860D-A88018DD394B; chkChromeAb67Sec=1; DPSync3=1626134400%3A197_219_201%7C1625011200%3A174; SyncRTB3=1626134400%3A56_22_166_55_7_3_8_81_99_161_21_234_54_71%7C1625788800%3A63%7C1626220800%3A35%7C1627516800%3A203%7C1625529600%3A2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-1422415054260567356; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:11:07 GMT; path=/ PugT=1624979467; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:11:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:11:07 GMT; path=/
x-lat
lhrpug002:0:368
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1422415054260567356
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1AD5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_699=22727-AAB3qU7BtnAAADaFrkQOoA; PugT=1624979465; PUBMDCID=3; KADUSERCOOKIE=18F41E3D-ABD2-4CEA-860D-A88018DD394B; chkChromeAb67Sec=1; DPSync3=1626134400%3A197_219_201%7C1625011200%3A174; SyncRTB3=1626134400%3A56_22_166_55_7_3_8_81_99_161_21_234_54_71%7C1625788800%3A63%7C1626220800%3A35%7C1627516800%3A203%7C1625529600%3A2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:11:07 GMT; path=/
x-lat
lhrpug016:0:689
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Tue, 29 Jun 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2269
x-powered-by
ASP.NET
date
Tue, 29 Jun 2021 15:11:07 GMT
content-length
205
Pug
simage2.pubmatic.com/AdServer/ Frame 3CF1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
42 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6979233680323639444&KRTB&23278-6979233680323639444; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:11:10 GMT; path=/ PugT=1624979470; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:11:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:11:10 GMT; path=/
x-lat
lhrpug011:0:577
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 29 Jun 2021 15:11:10 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6979233680323639444; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6979233680323639444
services
sync.technoratimedia.com/ Frame 88B3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
sync.technoratimedia.com
:scheme
https
:path
/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:08 GMT
set-cookie
tads_uid=GDPR; Max-Age=157680000; Expires=Sun, 28 Jun 2026 15:11:08 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
800504848
age
0
via
1.1 varnish

Redirect headers

Date
Tue, 29 Jun 2021 15:11:07 GMT
location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB3qU7BtnAAADaFrkQOoA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame EDA6
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:14 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug015:2:484
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=318db717-ae1e-49f4-80c0-1bea84aa8748; path=/; domain=csync.loopme.me; Expires=Thu, 29-Jul-2021 15:11:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Tue, 29 Jun 2021 15:11:14 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame ED30
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_699=22727-AAB3qU7BtnAAADaFrkQOoA; PugT=1624979465; PUBMDCID=3; KADUSERCOOKIE=18F41E3D-ABD2-4CEA-860D-A88018DD394B; chkChromeAb67Sec=1; DPSync3=1626134400%3A197_219_201%7C1625011200%3A174; SyncRTB3=1626134400%3A56_22_166_55_7_3_8_81_99_161_21_234_54_71%7C1625788800%3A63%7C1626220800%3A35%7C1627516800%3A203%7C1625529600%3A2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Jun 2021 15:11:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:11:07 GMT; path=/ PugT=1624979467; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 15:11:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Sep-2021 15:11:07 GMT; path=/
x-lat
lhrpug014:0:434
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 29 Jun 2021 15:11:07 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 78C9 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=18F41E3D-ABD2-4CEA-860D-A88018DD394B&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5t4iWo6gkC1sYu5kHkwzfg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Tue, 29 Jun 2021 15:11:11 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 61AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GPQePavSTOqGDaiAGN05Sw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:12 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=20195
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 29 Jun 2021 20:47:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e5160db-3809-4400-a007-2f4030536b73
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e5160db-3809-4400-a007-2f4030536b73
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 29 Jun 2021 15:12:58 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5e5160db-3809-4400-a007-2f4030536b73
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Jun 2021 15:12:57 GMT
mw
mwzeom.zeotap.com/ Frame 61AB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=18F41E3D-ABD2-4CEA-860D-A88018DD394B
  • https://spl.zeotap.com/?zdid=1332&zcluid=a4428cec88ff1aec
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN3ZfBuIDXgiFXviATL0l9o&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8...
95 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEN3ZfBuIDXgiFXviATL0l9o&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zcluid=a4428cec88ff1aec&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
66701616dd864eaf-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0af9ec224c00004eafc72a9000000001

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEN3ZfBuIDXgiFXviATL0l9o&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c80d0288-6dc0-4aa7-7283-8053053480ae&reqId=c486ddcb-2a48-4231-6696-aa8b33184ef2&zcluid=a4428cec88ff1aec&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5335556453911362704
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5335556453911362704
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:1048
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5335556453911362704
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:2217
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 29 Jun 2021 15:12:58 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Jun 2021 15:12:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c98e1ae0-597c-4d14-8f74-2b18e892634c
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c98e1ae0-597c-4d14-8f74-2b18e892634c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c98e1ae0-597c-4d14-8f74-2b18e892634c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFHQ5vVtJ2K3I8LHoC-X5yk&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFHQ5vVtJ2K3I8LHoC-X5yk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFHQ5vVtJ2K3I8LHoC-X5yk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3796571410758066839&gdpr=0&gdpr_consent=
42 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3796571410758066839&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:08 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
62b4724d-bddf-4657-83a0-8cf8ffa613f9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3796571410758066839&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
18F41E3D-ABD2-4CEA-860D-A88018DD394B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 61AB 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/18F41E3D-ABD2-4CEA-860D-A88018DD394B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58292/ Frame 61AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=18F41E3D-ABD2-4CEA-860D-A88018DD394B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 61AB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTTPi9AA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2018
x-served-by
cache-hhn4034-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1624979469.746778,VS0,VE0
content-length
85
x-cache-hits
15773

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1624979469.614864,VS0,VE94
x-served-by
cache-hhn4034-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTTPi9AA4
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V_b1q1L-ofFMp6n7BPK8-VH0p_BMoPCsB_epflZQ
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V_b1q1L-ofFMp6n7BPK8-VH0p_BMoPCsB_epflZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:574
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V_b1q1L-ofFMp6n7BPK8-VH0p_BMoPCsB_epflZQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=27f13dea-13b4-4271-8fe3-712877e1854e&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eadffb38-933c-46fc-bfa5-18dcddb29e2a&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eadffb38-933c-46fc-bfa5-18dcddb29e2a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:749
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eadffb38-933c-46fc-bfa5-18dcddb29e2a&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 29 Jun 2021 15:11:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 61AB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4383735470885525119&gdpr=0&gdpr_consent=&us_privacy=
1 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4383735470885525119&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:537
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4383735470885525119&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 29 Jun 2021 15:11:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 61AB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=18F41E3D-ABD2-4CEA-860D-A88018DD394B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 61AB 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 61AB 		0
0
/
track.adform.net/adfserve/ Frame 0D7A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=47244941;rtbwp=4.646535;rtbdata=VScbB5JZwQYUfnZx0tc2oQfvoWxedkaEBXZ15jTD_11oYv1X4eA_IiUj5btkpEZ0G2Y2UDgDIImgXq9iJgtaS0HHuaqghoCmL1yDLGT21ONjs3LzooiWllVlnH2CEwiezKKyxesIzqCvhRfEtqUPHmZi6Hpn5ZF6T9QMH240rTHbFbdzkOqstj_Nm4-C4gaSbOaB52-xldskPTIgj7LJ_ejGeWH89bNVJ0DQRIl3PLqwGuU78YVK-BjVS3AwzcKbDnOsQ84Aez0A41n_PKKfqdCbdH8FlFd2-Wl__8ZlO7h1JNsjRdNvK8s-6YWf9XROsb0xWde9PHO_J7_QTDWbwMN-1gsNOJHV4UFuhV40q881;js=1;adfxid=1x;948;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
488695ef783ad73160413dbc0a6eb0e090c2e6310e409a6a934dfff18c1e7590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2573
expires
-1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=41988246&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20depths&ea=Scroll%20depth%20after%205%20seconds%20on%20page&el=%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&ev=0&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&gtm=2wg6n0THSM3B8&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd5=News&cd6=Rene%20Millman&cd72=11&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd14=zero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&cd20=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd31=(not%20set)&cd46=(not%20set)&cd77=&cd81=1&cd82=2&cd83=0&cd84=1&cd86=cfaa4f45-94f8-42e3-aedc-9e0e18097678&cd100=(not%20set)&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7CB%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd120=Metered&z=1159014791
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 06:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32581
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1C69
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNs4CD6PnFRWnhwQx6OEPgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIj3h22EpkbmzxEXgL89tfw&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIj3h22EpkbmzxEXgL89tfw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Jun 2021 15:11:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIj3h22EpkbmzxEXgL89tfw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1C69
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNs4CD6PnFRWnhwQx6OEPgAABLYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECJJYeNX78HcS12PjAsz8fo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECJJYeNX78HcS12PjAsz8fo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 29 Jun 2021 15:11:07 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECJJYeNX78HcS12PjAsz8fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1C69 		0
0
casale
match.adsrvr.org/track/cmf/ Frame 1C69 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNs4CD6PnFRWnhwQx6OEPgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 1C69
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625065867
0
0
crum
dsum-sec.casalemedia.com/ Frame 1C69
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5&C=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Jun 2021 15:11:11 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8Cde0X0j1LYfod5&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Tue, 29 Jun 2021 15:11:11 GMT
ssp
d.adroll.com/cm/index/ Frame 1C69 		0
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 1C69 		0
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1C69 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YNs4CD6PnFRWnhwQx6OEPgAABLYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:11 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE88 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3df58d26135d68fa6661dbc5&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:11 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame CE88
Redirect Chain
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=90&3pid=9fade4a3-231a-49c1-87e3-287777aef6e2&gdpr=0&gdpr_consent=
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=90&3pid=9fade4a3-231a-49c1-87e3-287777aef6e2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:08 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
server
nginx/1.12.1
location
https://ce.lijit.com/merge?pid=90&3pid=9fade4a3-231a-49c1-87e3-287777aef6e2&gdpr=0&gdpr_consent=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame CE88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=3df58d26135d68fa6661dbc5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 29 Jun 2021 15:12:58 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=5e5160db-3809-4400-a007-2f4030536b73&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Jun 2021 15:12:57 GMT
merge
ce.lijit.com/ Frame CE88
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=512e0949-b22d-4252-8e93-840d339e41a5
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0920091c-18b3-4d13-9116-eaa59d13594f&user_group=1&ssp=fmx&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=0920091c-18b3-4d13-9116-eaa59d13594f&user_group=1&ssp=fmx&bsw_param=512e0949-b22d-4252-8e93-840d339e41a5
  • https://ce.lijit.com/merge?pid=26&3pid=eadffb38-933c-46fc-bfa5-18dcddb29e2a
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=eadffb38-933c-46fc-bfa5-18dcddb29e2a
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=eadffb38-933c-46fc-bfa5-18dcddb29e2a
date
Tue, 29 Jun 2021 15:11:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame CE88
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=3796571410758066839&gdpr=0&gdpr_consent=
43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=3796571410758066839&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:08 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:08 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4d48ebc5-4a56-4a73-8df0-8954700be57b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=3796571410758066839&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame CE88
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=SYMw3lgFlBac&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=SYMw3lgFlBac&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 15:11:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=SYMw3lgFlBac&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-htknh
expires
-1
/
track.adform.net/jsmetrics/ Frame 0D7A 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=1364&asset=627&sid=756&rid=10159&cid=4955
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Thu, 11 Apr 2019 08:33:12 GMT
server
nginx
etag
"5caefbc8-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
pixel
cm.g.doubleclick.net/ Frame 0D7A 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1ZbVdjN1JaRTJ1RXRBSGRRRjUxcHZnTEc2NFVwNkxsMH5B&gdpr=0&gdpr_consent=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0D7A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
eknnbrON
sync-tm.everesttech.net/ct/upi/pid/ Frame 0D7A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
  • https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_cons...
85 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTR-i9gA4
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2018
x-served-by
cache-hhn4034-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1624979469.746770,VS0,VE0
content-length
85
x-cache-hits
15773

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1624979469.614888,VS0,VE98
x-served-by
cache-hhn4034-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D&_test=YNs4DAACTR-i9gA4
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
cm-notify
creativecdn.com/ Frame 0D7A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:11 GMT, Tue, 29 Jun 2021 15:11:11 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
date
Tue, 29 Jun 2021 15:11:11 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55965/ Frame 0D7A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs&verify=true
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
0
0
sync
ups.analytics.yahoo.com/ups/56554/ Frame 0D7A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/56554/sync?uid=8Cde0X0j1LYfod5&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=8Cde0X0j1LYfod5&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
0
0
sync
ups.analytics.yahoo.com/ups/55944/ Frame 0D7A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d
  • https://pixel.advertising.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
0
0
sync
ups.analytics.yahoo.com/ups/55973/ Frame 0D7A
Redirect Chain
  • https://trc.taboola.com/sg/marketplaceaol-ssp-network/1/rtb-h?taboola_hm=1
  • https://match.taboola.com/sg/marketplaceaol-ssp-network/1/rtb-h?taboola_hm=1&tbid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&query=taboola_hm%3D1&isDirect=0
  • https://pixel.advertising.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1
  • https://pixel.advertising.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
0
0
sync
ups.analytics.yahoo.com/ups/56465/ Frame 0D7A
Redirect Chain
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
0
0
sync
ups.analytics.yahoo.com/ups/57769/ Frame 0D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=nexage_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=&_origin=0
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1&apid=UP3bbf5b41-d8ec-11eb-b6c1-0ea9e8b5cbaf
0
0
sync
ups.analytics.yahoo.com/ups/58230/ Frame 0D7A 		0
0
sync
ups.analytics.yahoo.com/ups/58281/ Frame 0D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZTJRQWJoRTJ1RzdwcHA0dFljSS5LZlpPbEliUEZOen5B&gdpr=0&gdpr_consent=&_origin=0
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 0D7A 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04d0bff275e0cea9c15e2eed08bd7eaf63748eabca876b7b9ad25abb5f69c247

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Jun 2021 18:04:56 GMT
/
track.adform.net/csimpr/ Frame 0D7A 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=47244941&csi=T2KdWDkWLHQwdjR6MlbraoX8Qd9qzI4ODK_Fn5obeJ4JDwKV3Zer3H_HkAlfVYYJxDwlpp37YhSinwZmQvkdV2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:08 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9865693.js
s1.adform.net/Banners/Elements/Files/2040633/9865693/ Frame 2E8B 		29 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/9865693.js?ADFassetID=9865693&bv=257
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b4c44e4fbf04f619a3a4a6cd63fb88bada44d456139a156cce9cbdfbcd85388b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
W/"60cc5732-7405"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 2E8B 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
bg.jpg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/bg.jpg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ba111790d2733014a3aabb67e95f555e8039bbb1b4f92d918b06edb691c5ca91
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-2e56"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
11862
toaster_handle.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/toaster_handle.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1832f00ecd02350f7c76be4cbc1d53befb542e33a143ffc844f10e2363995649
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
"60cc5732-43c"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1084
light4.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/light4.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae320879cc74363b5ff25108302d511ca6831538f49b1aa997aba9f86ea850b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
"60cc5732-11f3"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4595
light1.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/light1.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1cf4232e87a56f0a1a61575db0cb2f3e4335e5e56e4281d7a9de39288dcefc1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-487"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1159
light2.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/light2.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6193e8b96cc955e8b7d2245a1c29b963fbbe27f5f59ea049723fb9634adfc9a7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-469"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1129
light3.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/light3.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dedcdc4d7390f516832d5270bf9079c3d60ab70d8dac22cc1ff30188f53157b2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-1785"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6021
head1.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/head1.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0fdaab3fdd40491444dc6f4652b9e296487f9c9e0fad0901524ccf5f54270a04
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
W/"60cc5730-5ca"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
head2.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		874 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/head2.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
53df9c24519d4c49aea9904ace0419313098b18ca0318813f478ea47b345701b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
W/"60cc5732-36a"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
head3.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		657 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/head3.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5738c706ba3586e54f2485661763a5651a4dba54f1b00868247a82ddccbaab13
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
W/"60cc5732-291"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
copy1_1.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/copy1_1.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0d99da16540163a18cd6f4468db202fafc8da90ace302e6fe65dfc3a2b8ab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
W/"60cc5730-d24"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
copy1_2.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/copy1_2.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
db5beb3d9ca677e045237d7ebccd952b3825ff461dfc20d23af5e9e72a1e800f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
W/"60cc5732-74e"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
btntxt.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		1 KB
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/btntxt.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e53801c376208fd708030cce00005be8d1237860045f18c92efd23774aaa0a79
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
W/"60cc5730-4da"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
ether.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ether.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88d173cd731b7455f84f60e71cbb64cce6a84ab3e03ec1af7976916420c1d3bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-1710"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5904
ether_light.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ether_light.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ef0eff40c7b6cf2cc2f62a78544c35eb621669e120a40da07983e3c46689a61
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
"60cc5732-179d"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6045
bitcoin.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/bitcoin.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dc74e656a6a5a262d2dff6060514004e58350801cc017c2149ee75665c31b5de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-16b5"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5813
bitcoin_light.png
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/bitcoin_light.png
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6d51e4edee568e534ef0fbfed6600c52ee194bb02bc8e34a8d9fa84e7aed1d70
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
"60cc5730-1784"
x-cache-status
EXPIRED
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6020
logo_crypto.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/logo_crypto.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4a90ca21b615b97723155ea0ae8664d48ca1793d510ea6e6ea8efb8a74e5989b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:02 GMT
server
nginx
etag
W/"60cc5732-12ac"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
logo.svg
s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/ Frame 2E8B 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2040633/9865693/bvpath_257/logo.svg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/d31d160d5581a0a577b7c121b3b4b31e090f10de1d4f7c5fd674004627f9a0e1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e8816b92796b926fc93d68c15a1dfab63c84bef997ce0f31999b574d91128762
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:11:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:20:00 GMT
server
nginx
etag
W/"60cc5730-1877"
x-cache-status
EXPIRED
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
/
eum-eu-west-1.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 29 Jun 2021 15:11:10 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
track.adform.net/serving/unload/ Frame 0D7A 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5335556453911362704@@47244941,1094177514850890191,100|1201|0|0|0|0|0|0|0||47|0|409|fd0b3520e0cf4c58a242d47e5e3f36e7_fd0b3520e0cf4c58a242d47e5e3f36e7-1|||1|0|0|RsXga5A0Hzq48M5tcwHHbdyT19asbn6Axs3ahou3Fvrkjx7OnzBmZ8kllzAqADQrA7z_uuw_WOM1|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 0D7A 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=47244941&event=178&time=3&baid=46004001&name=Viewable%20impressions&imprid=1094177514850890191&icid=5335556453911362704&eData=T2KdWDkWLHTWS7zOPUpyGULefXOBh2p2YaJU2uM20NlsVNZhzraBNjNbIu8m8feAOwhfVFQ_ZUEau94oJsHc8Q2&rtbdata=VScbB5JZwQYUfnZx0tc2oQfvoWxedkaEBXZ15jTD_11oYv1X4eA_IiUj5btkpEZ0G2Y2UDgDIImgXq9iJgtaS0HHuaqghoCmL1yDLGT21ONjs3LzooiWllVlnH2CEwiezKKyxesIzqCvhRfEtqUPHmZi6Hpn5ZF6T9QMH240rTHbFbdzkOqstj_Nm4-C4gaSbOaB52-xldskPTIgj7LJ_ejGeWH89bNVJ0DQRIl3PLqwGuU78YVK-BjVS3AwzcKbDnOsQ84Aez0A41n_PKKfqdCbdH8FlFd2-Wl__8ZlO7h1JNsjRdNvK8s-6YWf9XROsb0xWde9PHO_J7_QTDWbwMN-1gsNOJHV4UFuhV40q881&rtbwp=4.646535&rnd=319622658
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:10 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931015&asId=df1f8e55-9062-b8d2-73c9-a46aaab2b5da&tv=%7Bc:gWAzWJ,pingTime:5,time:5175,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5175,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:153,wc:0.0.1600.1200,ac:1076.662.300.250,am:i,cc:1076.662.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5092~100%5D,as:%5B5092~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:122,fm:sBJKeDA+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b118%7C1b119%7C1b11a%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e*.931015%7C1e1%7C1e2,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.216.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:11 GMT
x-server-name
dt56.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=41988246&t=timing&_s=4&dl=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw%20%7C%20IT%20PRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Performance%20Metrics&utv=Time-to-Interactive&utt=4606.700004577637&_u=aHDAAEADQAAAAC~&jid=1092339252&gjid=2132494103&cid=2052819291.1624979462&tid=UA-1011119-1&_gid=870553950.1624979462&_r=1&cd19=https%3A%2F%2Fwww.itpro.co.uk%2Fsecurity%2Fzero-day-exploit%2F359823%2Fwindows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome&cd47=304485ba-c13e-47c6-8a70-dba97b08cc96&cd60=2052819291.1624979462&cd58=&cd5=News&cd6=Rene%20Millman&cd72=11&cd68=Security&cd69=zero-day%20exploit&cd70=&cd64=zero-day%20exploit&cd65=&cd66=&cd12=Article&cd30=%2F359%2Fitpro.co.uk%2Fsecurity%2Fzero-day-exploit%2Fchrome&cd14=Google%20News%7Czero%20day%20chrome%20flaw&cd55=Windows%20devices%20targeted%20by%20PuzzleMaker%20malware%20exploiting%20Chrome%20zero-day%20flaw&cd18=0&cd1=Build%20brand&cd8=359823&cd13=20210609&cd15=Node%20(Article)&cd4=20210609&cd57=it-pro&cd2=0&cd52=Google%20Chrome%2C%20malware&cd74=News&cd63=Security&cd67=Home&cd17=424&cd3=zero-day%20exploit&cd62=Chromium%2C%20web%20browser%2C%20malware&cd7=Chrome&cd119=www.itpro.co.uk%2C%20www.itpro.com&cd118=www.itpro.com&z=1163891040
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1092339252&gjid=2132494103&_gid=870553950.1624979462&_u=aHDAAEADQAAAAC~&z=1323588065
Requested by
Host: www.itpro.co.uk
URL: https://www.itpro.co.uk/assets/87a6db53db6c9ea58adc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Jun 2021 15:11:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1092339252&_u=aHDAAEADQAAAAC~&z=584038694
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1011119-1&cid=2052819291.1624979462&jid=1092339252&_u=aHDAAEADQAAAAC~&z=584038694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 0D7A 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5335556453911362704@@47244941,1094177514850890191,100|4700|0|0|0|0|0|0|0||184|0|409|fd0b3520e0cf4c58a242d47e5e3f36e7_fd0b3520e0cf4c58a242d47e5e3f36e7-1|||1|0|0|RsXga5A0Hzq48M5tcwHHbdyT19asbn6Axs3ahou3Fvrkjx7OnzBmZ8kllzAqADQrA7z_uuw_WOM1|||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.itpro.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 15:11:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.itpro.co.uk
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
NRJS-85cca59f12bf4593115
bam.eu01.nr-data.net/events/1/ Frame D9F6 		24 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-85cca59f12bf4593115?a=158799923&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=10984&ck=0&ref=https://www.ultimedia.com/deliver/generic/iframe
Requested by
Host: www.ultimedia.com
URL: https://www.ultimedia.com/deliver/generic/iframe?mdtk=02437542&zone=2&type_player=0&sendstats=0&src=5f0uqp&width=683&height=384&urlfacebook=https%3A%2F%2Fwww.itpro.co.uk%2F&ad=1&autoplay=no&fstart=2&title=Windows+10+Hits+200+Million+Devices+In+Record+Speed%21&endMessage=um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_kqi6tec4_&tagparam=&tagparamdecoded=&sspParam=&visible=&gdprconsentstring=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.ultimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 29 Jun 2021 15:11:14 GMT
via
1.1 varnish
x-timer
S1624979475.947868,VS0,VE3
x-served-by
cache-hhn4020-HHN
strict-transport-security
max-age=300
x-cache
MISS
content-type
image/gif
access-control-allow-origin
https://www.ultimedia.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
24
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
3pd.criteo.com
URL
https://3pd.criteo.com/user-sync/pixels?countrycode=CH
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
www.itpro.co.uk
URL
https://www.itpro.co.uk/security/zero-day-exploit/359823/%3Cscript%20type='text/javascript'%3Evar%20adContent%20=%20'';adContent%20+=%20'%3Cscr'%20+%20'ipt%20type=%22text/javascript%22%20src=%22https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55953,55986,57926,55965,56554,55853,55944,55973&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=%22%3E%3C/scr%27%20+%20%27ipt%3E%27%20+%20%27\n%27;document.write(adContent);%3C/script%3E
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNs4CD6PnFRWnhwQx6OEPgAABLYAAAIB
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625065867
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YNs4CD6PnFRWnhwQx6OEPgAABLYAAAIB&gdpr_consent=&us_privacy=&gdpr=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=lZ4DspCWV-iOz1_ixppK4JOcUemOyAa1xZ8HbIPs&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/56554/sync?uid=8Cde0X0j1LYfod5&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba52ed-d8ec-11eb-9ce3-0a85bb9f8e99
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5335556453911362704&_origin=0&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55973/sync?uid=923b15bb-fb51-4369-8b81-c982a2018ade-tuct7d4bd88&_origin=1&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP3bba79c0-d8ec-11eb-81ab-0eed8afc3b21
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEDchwxkl_-VQwK-O58dfwrA&gdpr=0&gdpr_consent=&_origin=0&google_cver=1&apid=UP3bbf5b41-d8ec-11eb-b6c1-0ea9e8b5cbaf
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| __tcfapi object| dataLayer object| _sp_ object| __APOLLO_STATE__ object| __API_CREDENTIALS__ object| __APOLLO_SCHEMA_FRAGMENTS__ object| permutive object| googletag object| Zephr object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime object| perfMetrics object| __tti object| apstag object| __APOLLO_CLIENT__ string| GoogleAnalyticsObject function| ga object| lazySizes object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED object| google_tag_manager object| google_optimize object| _sp_queue object| headertag object| Criteo function| headertag_render object| pbjs function| sovrn_render object| criteo_pubtag object| criteo_pubtag_109 object| Criteo_109 string| InstanaEumObject function| ineum string| ULTIMEDIA_mdtk string| ULTIMEDIA_zone string| ULTIMEDIA_target boolean| ULTIMEDIA_async object| __instanaOriginalFunctions__ function| postscribe object| google_tag_manager_external function| hj object| _hjSettings object| observer function| fbq function| _fbq object| elementToMonitor object| config object| _ml object| ggeac object| google_js_reporting_queue object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ULTIMEDIA_param number| ULTIMEDIA_param_length function| _um_smart_deploy string| _ultimedia_host number| um_date object| _ultimedia_script object| _ultimedia_script_notif object| _ultimedia_script_visi number| _ultimedia_widget_id string| ULTIMEDIA_ACTION object| ULTIMEDIA_metas object| metas object| title object| h1 object| h2 object| times object| ULTIMEDIA_exclude object| match string| ULTIMEDIA_LOADING_SRC string| ULTIMEDIA_layout function| _appendUltimediaWidget function| _ultimedia_set_widget_params function| _ultimedia_checkIfScrollable function| _ultimedia_auto_append function| _ultimedia_load_synchronous_widget function| _ultimedia_loadWidget function| _ultimedia_isWidgetAtTop function| _ultimedia_attachEventListeners string| ULTIMEDIA_search string| ULTIMEDIA_mode string| ULTIMEDIA_date string| ULTIMEDIA_index string| ULTIMEDIA_host string| ULTIMEDIA_nb string| ULTIMEDIA_urlfacebook string| ULTIMEDIA_ad string| ULTIMEDIA_callback string| ULTIMEDIA_widget_title string| ULTIMEDIA_widget_footer string| ULTIMEDIA_widget_header string| ULTIMEDIA_overlay_title string| ULTIMEDIA_show_tooltips string| ULTIMEDIA_autoplay string| ULTIMEDIA_playlist string| ULTIMEDIA_width string| ULTIMEDIA_height string| ULTIMEDIA_jw_version string| ULTIMEDIA_default_videolist string| ULTIMEDIA_default_zone string| ULTIMEDIA_default_widget_title string| ULTIMEDIA_css_title_font_color string| ULTIMEDIA_css_title_font string| ULTIMEDIA_css_title_text_align string| ULTIMEDIA_css_title_background_color string| ULTIMEDIA_css_panel_position string| ULTIMEDIA_css_panel_font_size string| ULTIMEDIA_css_panel_font_color string| ULTIMEDIA_css_panel_text_align string| ULTIMEDIA_css_thumb_background_color string| ULTIMEDIA_css_thumb_border_color string| ULTIMEDIA_css_thumb_infos_font_color string| ULTIMEDIA_css_thumb_infos_font string| ULTIMEDIA_css_thumb_background_color_hover string| ULTIMEDIA_css_thumb_border_color_hover string| ULTIMEDIA_css_thumb_infos_font_color_hover string| ULTIMEDIA_css_thumb_infos_font_hover string| ULTIMEDIA_css_list_overflow_x string| ULTIMEDIA_css_list_overflow_y string| ULTIMEDIA_css_list_background_color string| ULTIMEDIA_css_photosgallery_selected_border string| ULTIMEDIA_css_photosgallery_nav_background_color string| ULTIMEDIA_css_photosgallery_button_nav_font_color string| ULTIMEDIA_css_photosgallery_button_nav_background_color string| ULTIMEDIA_css_photosgallery_button_nav_font_color_hover string| ULTIMEDIA_css_photosgallery_button_nav_background_color_hover string| ULTIMEDIA_css_title_widget_uppercase string| ULTIMEDIA_css_panel_text_uppercase string| ULTIMEDIA_css_thumb_text_uppercase string| ULTIMEDIA_css_footer_font_color string| ULTIMEDIA_css_footer_text_align string| ULTIMEDIA_css_background_color string| ULTIMEDIA_css_background_image string| ULTIMEDIA_css_background_repeat string| ULTIMEDIA_css_background_position string| ULTIMEDIA_source_logo_brand string| ULTIMEDIA_url_logo_brand string| ULTIMEDIA_css_header_font string| ULTIMEDIA_css_header_font_color string| ULTIMEDIA_css_header_border string| ULTIMEDIA_resize string| ULTIMEDIA_validated_videos_only function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| om82807_73647 boolean| _omvisitsadded object| ID5 object| ultimediaNotification object| ultimediaVisiblePlayer object| visibilityStats function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI string| _ultimedia_widget_position_place function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| obApi object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _omapp object| um_js_script object| um_js_prior object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms undefined| $ undefined| jQuery function| jQueryUM function| um_ultimedia_wrapper_kqi6tec4_SendHoverMessage function| um_ultimedia_wrapper_kqi6tec4_SendScrollMessage function| um_ultimedia_wrapper_kqi6tec4_GetPageRect function| um_ultimedia_wrapper_kqi6tec4_GetElementRect function| um_ultimedia_wrapper_kqi6tec4_RectsIntersect function| um_ultimedia_wrapper_kqi6tec4_RectsIntersectBis boolean| um_ultimedia_wrapper_kqi6tec4_ScrollToCheck boolean| um_ultimedia_wrapper_kqi6tec4_ScrollToRecheck function| um_ultimedia_wrapper_kqi6tec4_ScrollToPlay function| um_ultimedia_wrapper_kqi6tec4_ScrollToPlayForced boolean| um_ultimedia_wrapper_kqi6tec4_OverToCheck function| um_ultimedia_wrapper_kqi6tec4_OverToPlay function| um_ultimedia_wrapper_kqi6tec4_HasClass function| um_ultimedia_wrapper_kqi6tec4_AddClass function| um_ultimedia_wrapper_kqi6tec4_RemoveClass function| um_ultimedia_wrapper_kqi6tec4_ShowADPMessage function| um_ultimedia_wrapper_kqi6tec4_SwitchVideo string| um_ultimedia_wrapper_kqi6tec4_path number| um_ultimedia_wrapper_kqi6tec4_width number| um_ultimedia_wrapper_kqi6tec4_height string| um_ultimedia_wrapper_kqi6tec4_mdtk number| um_ultimedia_wrapper_kqi6tec4_zone number| um_ultimedia_wrapper_kqi6tec4_display_adp_message boolean| um_ultimedia_wrapper_kqi6tec4_playlistActive object| um_ultimedia_wrapper_kqi6tec4_titles object| um_ultimedia_wrapper_kqi6tec4_labels string| um_ultimedia_wrapper_kqi6tec4_urlfacebook string| um_ultimedia_wrapper_kqi6tec4_ad object| um_ultimedia_wrapper_kqi6tec4_params_iframe_id object| um_ultimedia_wrapper_kqi6tec4_params_iframe_type boolean| um_ultimedia_wrapper_kqi6tec4_no_change_title string| um_ultimedia_wrapper_kqi6tec4_widget_title boolean| um_ultimedia_wrapper_kqi6tec4_from_playlist number| um_ultimedia_wrapper_kqi6tec4_playlist_index number| um_ultimedia_wrapper_kqi6tec4_ori_start object| umStylestarget object| umStyleElement object| jQuery191025876895799241306 function| um_ultimedia_wrapper_kqi6tec4_ultimediaEndRoll boolean| um_ultimedia_wrapper_kqi6tec4_hoveredOnce boolean| um_ultimedia_wrapper_kqi6tec4_muteForced function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxIframes object| ampInaboxPendingMessages boolean| um_ultimedia_wrapper_kqi6tec4_muteState object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ele object| __IntegralASExec number| lastScrollTop number| scrolled object| Adform boolean| __adform_onload

14 Cookies

Domain/Path Name / Value
.itpro.co.uk/ Name: _gat
Value: 1
www.itpro.co.uk/ Name: consentUUID
Value: 4e422bce-f3e1-477c-91fa-1afff91214a9
www.itpro.co.uk/ Name: _sp_v1_lt
Value: 1:
www.itpro.co.uk/ Name: _sp_v1_csv
Value: null
www.itpro.co.uk/ Name: _sp_v1_opt
Value: 1:
www.itpro.co.uk/ Name: _sp_v1_data
Value: 2:221358:1624979461:0:1:0:1:0:0:_:-1
.itpro.co.uk/ Name: _gid
Value: GA1.3.870553950.1624979462
www.itpro.co.uk/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXQGQlksAJ3zQ2mdAAAA
www.itpro.co.uk/ Name: blaize_session
Value: 8192c85b-b6a6-4376-9fd9-18707ab650e6
www.itpro.co.uk/ Name: _sp_v1_uid
Value: 1:119:5acfee54-7948-470d-a1b2-cda9fbd83cdd
.itpro.co.uk/ Name: _ga
Value: GA1.3.2052819291.1624979462
www.itpro.co.uk/ Name: AWSALBCORS
Value: mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST
www.itpro.co.uk/ Name: AWSALB
Value: mm6uvozGdThsSk0De2UFUuRkdtXdcnerW860ygct0py43J9vcBfMO+yzEqR5fL2ugBLPtnSk6uYUfVUFd0wXkYp3N3yOoWjwYUXYKoKRNedbphcrUKHzOS4XrOST
www.itpro.co.uk/ Name: blaize_tracking_id
Value: cfaa4f45-94f8-42e3-aedc-9e0e18097678

20 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.permutive.com/5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js(Line 1)
Message:
Permutive was not initialized. localStorage not supported
console-api log URL: https://itpuk-mms.itpro.co.uk/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: https://www.itpro.co.uk/assets/d5b68b54811cff037923.bundle.js(Line 1)
Message:
no adUnitPath provided
console-api log (Line 1)
Message:
SyntaxError: Unexpected token u in JSON at position 0
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video.min.js(Line 12)
Message:
VIDEOJS: WARN: A plugin named "errors" already exists. You may want to avoid re-registering plugins!
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video.min.js(Line 12)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.7.5/video.min.js(Line 12)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://www.ultimedia.com/js/player-digiteka/dtkplayer-vjs.js?v=5.11.08(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api info URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2106212012000 https://www.itpro.co.uk/security/zero-day-exploit/359823/windows-devices-targeted-by-puzzlemaker-malware-exploiting-chrome
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.001708984375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pd.criteo.com
86ba9dd37e15427c95c9a8046cac1b05.safeframe.googlesyndication.com
a.omappapi.com
a.volvelle.tech
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.videoadex.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
amplify.outbrain.com
ap.lijit.com
api.omappapi.com
api.rlcdn.com
as-sec.casalemedia.com
b1sync.zemanta.com
bam.eu01.nr-data.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.permutive.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d5p.de17a.com
dennis-d.openx.net
dig.ultimedia.com
dis.criteo.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
encraveimg-yowgo.netdna-ssl.com
eu-central-1-web.ssp.yahoo.com
eu-u.openx.net
eum-eu-west-1.instana.io
eum.instana.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
in.ml314.com
itpuk-mms.itpro.co.uk
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.itpro.co.uk
medialb.digiteka.net
medialb.ultimedia.com
ml314.com
mwzeom.zeotap.com
ngs30c.digiteka.net
p.adlooxtracking.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
play.adpaths.com
pm.w55c.net
polyfill.io
pool.admedo.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.skimresources.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.skimresources.com
s.yimg.com
s0.2mdn.net
s1.adform.net
script.hotjar.com
scripts.webcontentassessor.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
t.co
t.skimresources.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track.adform.net
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.itpro.co.uk
www.ultimedia.com
x.bidswitch.net
3pd.criteo.com
d.adroll.com
dsum.casalemedia.com
match.adsby.bidtheatre.com
match.deepintent.com
pixel-sync.sitescout.com
s.amazon-adsystem.com
sync.ipredictive.com
sync.srv.stackadapt.com
tg.socdm.com
ups.analytics.yahoo.com
www.itpro.co.uk
104.16.190.66
104.19.149.54
104.244.42.197
108.161.189.32
13.226.155.37
135.125.8.31
141.226.228.48
142.250.185.130
142.250.186.66
144.217.68.139
146.59.148.16
151.101.1.26
151.101.114.137
151.101.114.49
151.101.13.27
151.101.14.217
151.139.128.11
157.90.167.185
162.55.6.210
178.250.0.173
178.250.2.131
178.250.2.151
18.156.0.31
18.159.182.76
18.184.87.203
18.195.155.181
185.184.8.65
185.29.135.227
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.86.137.133
185.86.138.132
193.0.160.129
193.122.128.135
198.148.27.140
2.18.233.180
2.18.234.190
2.18.234.21
2001:678:cb4:bbbb::11
208.100.17.180
213.155.156.181
213.19.147.45
216.52.2.19
23.37.38.181
23.37.42.132
2600:9000:2104:d000:8:48e:53c0:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:68b
2606:4700::6810:135e
2606:4700::6810:7aaf
2606:4700::6810:9cf3
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:28f::1fd4
2a02:fa8:8806:20::2040
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::485
3.126.56.137
3.211.86.214
3.215.252.168
34.107.231.31
34.120.133.55
34.199.13.197
34.251.173.19
34.252.255.244
35.190.59.101
35.190.91.160
35.201.67.47
35.210.178.101
35.210.53.219
35.244.159.8
35.244.174.68
37.157.2.249
37.157.6.242
37.157.6.251
37.252.172.249
37.252.172.38
46.105.202.126
51.210.215.108
52.17.151.21
52.209.37.147
52.211.195.119
52.28.203.152
52.29.176.117
52.86.216.75
52.95.124.170
54.228.130.197
65.9.77.116
65.9.77.16
65.9.77.26
65.9.77.3
65.9.77.59
65.9.77.71
65.9.77.94
65.9.86.127
69.173.144.138
69.173.144.139
70.42.32.191
70.42.32.31
72.251.249.9
76.223.111.131
85.114.159.93
89.187.169.3
00d94001460cc1cf276c692c936dbf34163f7d00f40ad5bd704701aaf9bdbc82
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
025cd92e900ceb1570614c16c3a0828fa3c439bcb47cf8dcf059e9eeea3bed77
02f2f22a824b04b7d2ed365b0a9e1b59864bf08dfd0f8d0a6ab6d8125d54a227
03aea583e92369ab2feedd4c73f74a15eb9801a8cbf49f7fc4f9949e5ce2e952
04ce9086d4e84555aead139e022ae13af603cfef38693eaf4b6c8355643d2f48
04d0bff275e0cea9c15e2eed08bd7eaf63748eabca876b7b9ad25abb5f69c247
069d1159097f2fdb9b341cbecb74891e636afa00b447539670fb64698b9456c3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071f8506c58b996414da5dc93d1151f045b7c68d23833c7eb801cb1273634175
073757f4f5ae4b640172dfea4b000cfb945b80378b4c0bef96bedb7078c2660e
07b2d281cd8f89c7dc554e8df615cd87d6561f4a18de6f7bc93af4eb2c8162bc
09dfe3ad69057ef63dc9872d0a738078e8b8601e78f94746a10420981f25bd8b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ccbc18c909f85c80b8630259e73aae53ebc930f33c8af450ec7d3a6232bf03b
0d99da16540163a18cd6f4468db202fafc8da90ace302e6fe65dfc3a2b8ab1a6
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd
0e0531da52ec3d85b2cdcbe832bb619574e63c8ea9d9ebdec448d1ec42aac70b
0ee5865cac73b59a7b8a11ba8db002ea65ef50ed4176fbd7ec9ba8af95cccb83
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb
0fdaab3fdd40491444dc6f4652b9e296487f9c9e0fad0901524ccf5f54270a04
10141d430afbc671ca223a21f4ce131bd63132e37a7b09d90c3174838a5466c1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
13a9bebc361b365753abc0f6bee40287066f61aec1950fb0ec3de6c58a41cc56
14218f418555e825b0e245d8c1b0cb601452a0b3f3054dcb76df99c1b4e96edc
147af9ba32c602c6c199ded59ac56c2006270c804573793173fd7cceefd010a9
1568f3d521be98d6ac08cf4a87ca47a5c48c1a365f44f039334ce98eb2c145ef
16da8ef11001f62f1edf810cf8cf5a020187a2ffac18324aef2c1ce59105937f
1832f00ecd02350f7c76be4cbc1d53befb542e33a143ffc844f10e2363995649
185be407cf0ef94458374a523394a92c7badcfafb064500673700fab881a7106
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190aabd362fd22427a4279865e395cda5dc026f8b277f37ab390dfa97cccee74
1923aabd6e22a13378485bd1a3fc8469ff5d5d3bbed0b12734bfb47109c77a38
1c1c2fb8251cd4ed4384912ee1dd9aa7c73528f8410617b565f74b465499e389
1ceb61efa46e49c182d185e534a7ec54db2166a15a9e90207136e0072ba62338
1d0d8708dca3717e02dc3ab9545372a1ad2758744920e5f66bb7cde3eb3cf47e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e4b8807f96cf168d1453dfb81931172be76bb8285296600e25b109cb30e07e3
1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f2021c16fa55a9677df40e86252856d63bef5b0bce2ddc80f1f63a229efd606
20a0fb813bb15d803f180765297e4f546b6e1322b219c4511b8b435644e34a1c
2232006081dcfc75ed7c5a966f351e155deb864caa1a41485ea3116218af7304
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
232e2107e9ebb4adaae34e5aa7f8eba38b819ed4a735bac8f26d41106635c97c
263d376e96229e84ba11c9708ad9f26daf2138498c86af090c9cf975a59d009e
264124f836810fa028545303c7787757d5c369b34a4fc8acd935fed003ad97c4
27196b24a9d3ef46bf1bfde433c00173a8d79d4a6df3996be4bfd6c19884216e
2851db9259fb25d45ed61488277fad3945eb5b62e85cd4dc81334fc700260f97
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c00ab62f3747eb796a085b53f1a48c0c23fb0c1e32e9123ed49d7d5bf38ce19
2d8bdf5cbbfb8d67cd734420e8c8806e0ba866f2439f0259ae367009474c58b1
2f548bc7676dd25abb9901005467dc9e3c7df5de142e003293bdb2409378a310
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88
331e835e21ac24ba61cccd016b79d67d1c0c4202e5397acf1e77aba6ff461095
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33faae9cc249594d60fc7be61d039d9f36327a4f2e906e1bba37c74536c3ff0e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
376f649d41f615bb6f7c876f5760cc355461a496f75c273a48f5a968c672fd75
38ff52a1e8900b85d56f5a1981aad5a8d1a5e84440ccba4f707b33918f499817
3903f8ff24b1fbbbd567fe21a347a374ab411ea154247573e148afd6d514ea32
39f98926fafe28f793b73ad25d3d6f7f6d314a2fe032095f963270112b189106
3b63f22ebb2b4de1e357f3151a0a10e33b50beb74e199eab9c5c47674c9776d9
3bd41d9219e52697d65ddb0ad2f954103e2830e9ac292b616396552b714372a7
3ca5fd7c380b11d2a3e892ba22641c5ecaa55cf0e9ea6854fad6ae77b9871622
3cec4f4fe9e09a4fd81be5bf159e350aaa6e47fae3cf11e179a20487937e7ae2
3ead3f5334b11f153bc63e3339db233df14200bb70895e0cf0a7a008496b3abc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee2e4eeb5b7ebf68fafdd8395805ba0e677ba1a4d6cc6bac85a8be01cb3635a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
43fc744dc9f9bdd26ba499a6e1840b548740e7ce2b63e7c986d997d2bcae496e
4515371f4fda6ee80d72cd3112a682a7b55293222bc8bcb998d8d44b9964a8af
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
488695ef783ad73160413dbc0a6eb0e090c2e6310e409a6a934dfff18c1e7590
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49d49113c5b0992f21d014f3f3897f9d92a3c35248706240d2065e405a0cd21d
4a90ca21b615b97723155ea0ae8664d48ca1793d510ea6e6ea8efb8a74e5989b
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4cec5f2e201b4965b272ed9f47ae44372bb2ac164b81a09df417a95476bcf5c6
4dd7b23c2f03081eeb1c92ebdd1278ce3ab8ca780e6f3fd73cee964284092b02
4df0be1619fed792226ccb006a7a797a1b5488425fe5c00c6600106c53ff04d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
506cb3b15c44a695f83da96a59db62dd20121ba9f2c74f987278a6c9a732985f
53df9c24519d4c49aea9904ace0419313098b18ca0318813f478ea47b345701b
5406b5dc9d90c70704838ee9b158a1a91dfa3557141f77cc0559fd047d936abf
55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4
55e3c0b7d3098a16dacb8a17a9470b8a288ac3641dffd16c0a18650dd1740f0f
5738c706ba3586e54f2485661763a5651a4dba54f1b00868247a82ddccbaab13
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5b68435091efe0f013cf240497b64e060340e2492f13e38c5c22368eaaf8be0c
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec
6193e8b96cc955e8b7d2245a1c29b963fbbe27f5f59ea049723fb9634adfc9a7
63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
675ab0a24f0160c73eaa7dde430b9f5ee68a54dc0c0c8d7d2bd0a811f30f6fd5
685d6337f48ce3445d2329b7d6ab93d4b86fff7e7e5d778ad29e3a685ccfe99c
6926a6ea145e3c647c89faae290c2e304fff0efb4db7f8e0e899177235276331
6962a20f51eebd0c6a6520f42ab5601038b24fbb3804c55835402331cf69632b
6a58d6ec0dce13e67c01bf06a5acf68a71c11d2a4fe66889315d39c2561b3380
6abc809ed71a92bec82440fae2494a4fa82eb8418c0ecc337daa4431e578eea5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7c4b247f411301c52a6383fd5dc496715877b9eb4a87e14074055ae4324b6e
6d51e4edee568e534ef0fbfed6600c52ee194bb02bc8e34a8d9fa84e7aed1d70
709d9150839a787a4fee7a8b72fdf4e1942b7ef7890d44cd57c5b24c92e7fc7e
72db3e1224c16f415c4f53a79a0b88fbaaf0f43a31050ba16fdb783b2e668505
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743ef5caa91e8dd7acd69c1716c60e7742fef311bff5f3c27db15235a64e8607
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
76b7bfe1c73966516f95f039734ac728c843a664e8fb860820b75c08bdf7be07
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
780396b361c35383795d3d1fb3e71e8c1e57e717973f3a4599ec4f11ba75f84e
79813ae92270de7d2a48077ce9b4c19b6dfd29c6c1fa4cfbcb449b2eac8d848b
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7aa5c49dcc7e10403ad4f0df50f437e432039092d96851bab3cbe80a11eff6d7
7b5bbf69b7065c52a10340ab1d21a1176079701e32f4ceb55b7d80a1d3646dd1
7bbecd62c135e8e76a0840ac4702654b9fc05b2b0a28772a0402df881025a07b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270
80a92d061c1c25735d1f8ff5c9f24819c7314543ec602fbe851545c96ebbc879
81eb776ff62551670da258a4b118685651cd73a9c7086ecd884d6cdf81deafe8
82365680ddb2173ed757ef8ed4406085685a53b3ce36759cc31e91b151946806
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841dda009a30e11d743b99445e7cd25c7b1ff0bff50940444cbe4e25a4911ca8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b5df92360c4d523db2cb22f0e093ed15ced3448ab87f5c715645c7fc2f36f
868abe3dddd718ef1b9cd96047c24104ee7f84367eb58d9e64acf85681a633ac
875fd074da38bbf4a949f924eaab1bfb276fd83efdef258b4e1da4fd61c0394d
8769a3dafdc1bb1fe406cfd0f1df3082dbb334938edbb7318a1097bb0b1f2c34
88d173cd731b7455f84f60e71cbb64cce6a84ab3e03ec1af7976916420c1d3bc
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3a295979ae198a823b01b449773d012b7c21ba0e360ee4989ad8e5c098372c
8d532834515d84f54716af755d65e2d741b8159c522d29a44b97010f77ec50dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
8ef0eff40c7b6cf2cc2f62a78544c35eb621669e120a40da07983e3c46689a61
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f77a5637f21ed2fd3ec40fdabed99089c7e9483b26601ada71eb546cf959930
90bf6452264f553da2a967eb617aeb61a5fd7e18fbe6b61db1716a8de702d832
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
91f969259626d65a715eb61bc110f8a9bf6b1126e4b0ec037656d857de277d3e
92240feafb2d4c5006e16fe2f815ea63ec34d1fab9462300133578e439bddac6
9498248883db26dbcf495d282d4d3cadd56e4c6f94c2e0a92766db10a64b4b0b
97652b1ed639c0cadcf7aa155ff1230487834c718d683e917dd8dceea4dfc7d0
979ddb6f0c77e6744b104f96e9d7ab0f8fc56d7f24ab10d853e4e96fa425e9c5
980d6d4b12edc7c0f3a0ebbbadfad32071e274ad68451fbe4c17b45728e89aaf
99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a
9b68d9ddbaa7176e3b0900cea32917bdd480a862ca53f62e6d5dd1e3ac283756
9e8b8d958927d7f783e6f85cdecf55659bcc556bc477514237673b9a1f2e3704
a0997e5c82109ffbaff046440caf5cf3bbe893b4bf2e2de679fc2cb92488f963
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a3163583e0b98601bf0a68f32692b70e5c93db4b2d0485d2e37ca332d599d2a3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c6d5f1b83309ee53a45ee80141cd6e4806e7b0a1a5a347640485cb0c382d2f
aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0
aaa2c811c57c6b7d0d1dc088a9642b932d0a4039e582bb8f75ad3d250a180317
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab010318f760066cf5096d8b754aa3f100f6e5fee09e78b4c2964c8d4ca6b747
ac238ac5b6da944771cfebfb30ba45dae84cc12fe7c2e32308905cb3cf49e149
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
ac54fea63601fcadab5626d45a7a1734ca37be4032dc1e993121f921e2756bab
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad07ed5408a147e7557c9ff3855b1b772a566854acfc9c408c4e1f22a3e8de5f
ad306b8e5ab9ac1581ce7c2cc82b2d4ddec7b84cce5a79c2a874c5a06a5be4b0
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795
ae320879cc74363b5ff25108302d511ca6831538f49b1aa997aba9f86ea850b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe59f5429b4e4e2380d1d540fbdb4968a5b9a0537b96a86537bd461fb7264e4
b0de779f89daff8685ab83e7000a94418506223caa4f47aacf222d1273981876
b0e26c9f6e25eb18b5431e8cfc26cd26c6379d4513016c36f3438ef7dd5bb533
b1023158c297279e5f7d966d96922e6323ba525147a8118b2ed21ca58e93e849
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157c5fe6cce20eb1865e471bae227e10030db3d2afbe6528a3da48d7b756a68
b1cf4232e87a56f0a1a61575db0cb2f3e4335e5e56e4281d7a9de39288dcefc1
b224fa0824a23d0d77b0844afc722cbc602c1ee741502ee9b97ddb3d50710c47
b2348138cf45f4fecb071e3d4e563a20c04fd50a5751511a18e3d9036a4d498b
b394ea8edffcaa643791a6d6ae840f701975acead68e3a8a627f0c0122034a63
b49f82370e2400cfeceb1450866b5466704346385d3ac6f8e691a967c9c494db
b4c44e4fbf04f619a3a4a6cd63fb88bada44d456139a156cce9cbdfbcd85388b
b4cf4f5fecd3150fb69d10e9d3923e5873d3a9eb0df9adb7ce15534028d3c73d
b59dfbf223f6bcc21bb962c036c40f92f76d56345014b13d37d2b060cba89a13
ba111790d2733014a3aabb67e95f555e8039bbb1b4f92d918b06edb691c5ca91
bb69b85ecd4fe4364991a48a7b8271e79fac3c1d8ec97d563ae3ddf769381919
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
befb693bf20e47e76b00cb642badbe786db0a5618b89e15f77f3c56761a97324
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c017bab41370a224411c9522e2581d2587ee27bda9ffc5e8a96d0640aa5fd7ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2eb68451becc764a87e263a9f8012dcbec8083b69f925d3bfe318024500dcd8
c3d390d87f41e52285ff67b808d41b5e0353d00b00d08ebdd8fbe96d3ddf034c
c4013831b53a18f41335d491b32e52eded4eb042ddbeb3e1c552b0500fd903e5
c468503fba1e63b16921e69d6619d77bb0b5a78c91009a060e0da5ddb1ae83c7
c51cd1c3a44663f2aeb238fa042384a71d7debc6f58367b0c850df4993fdae62
c716194480e94aee8bec89b91917cb4fdc9954e442e33c2802b61c711f2331ff
c72ab07ce7088cdee7e74e5ba58e43615dd0f6b95b9929a72de7278fe06f39bd
c9f1a1229ac3d2b9105718a63f0a2a15e12ef06fcdb74eaa87949dce59f6150d
ced5e84ff10ddcaf61b54b142fcf55a634e762b0198b6ecc1e1639e740f71d3c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d35ccf1378413b0fb226a5f9048be60b2eebe99bf5d3f6a9425de794408c1a89
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa
da1fb1625c502e9949efdd19f7470598a3b721bcb8724179a4c7c8778e763078
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
db55906eff8f6f4923e533ba24c644a050657ab3b0cfdd5a1eaae93d33e33907
db5beb3d9ca677e045237d7ebccd952b3825ff461dfc20d23af5e9e72a1e800f
dbad73e6a578591bc1ddf85541c17790aefb8a1a133cf35a62c2a4c2bc012051
dc090156697f23e38f73a05108982f9245bb244a07c9cea746a06ceb2a6b3cf5
dc733261ab88a079bdc64de0537fc3e564b10ee44fb0e0c0f3b8dc0547c65768
dc74e656a6a5a262d2dff6060514004e58350801cc017c2149ee75665c31b5de
dcc5053a980e30219210fb2396a3e2995df66e9c6b9d1d5d27b21802570c5248
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedcdc4d7390f516832d5270bf9079c3d60ab70d8dac22cc1ff30188f53157b2
e0f752422267c7f065056163ce76a5b606b11c48af03549fcc90c4bf0b37e70f
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e2f0fef86bbc1dc648c9733599f33d16de760256589f6d64a92cb9ac98fae138
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53801c376208fd708030cce00005be8d1237860045f18c92efd23774aaa0a79
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
e78f56276c04b58863c43424709892edc08c45c7eb17bdc289d3cdd2a060fb1e
e7f151964a074a9964d27f732d7ae5f1fedd7ee0af1f4a6a66c192dc58e497de
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
e8816b92796b926fc93d68c15a1dfab63c84bef997ce0f31999b574d91128762
e8999e93b5838765fe922ad9d7329fdf7e5f925356c706b28b83c8afa918dd62
ea69ea59ca3ff7df1c4ef8d2cba121bc6283567c21aed8ed5b9076f74f4f4603
ecccd749a4cae19b5aed65d5412e5a2e342a0cdf21183ddd7c8b0ea3bc3c611f
ed2e71cda88845fbb19173cff18433d3ce7a1fce9aec515685382a6a72579ab5
ede55256157f0e4820a4fa72450ad84457b00e7ce4fef3a044b9b1d8c21c47f7
ee7c31d8dc3e1ad590cd8d0e241f4fe41a8b04d618ffb75b56277f4cab146284
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f45b2731f6ea59cd3cd33b4f31bb92fe6acba3f02a46dc21f757d24bba232aa4
f76b4f414981d8d2903fe29620d617055716a0f833d343dc87027b87990f881d
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
f8f428471bb30a29cc91ee44a876533e69adee504e4eb6370fb3b6b8b305b3fa
fa0911dcc4faf8c1af34373c4ef2646f429c5d322344e0e94034c1b8a5fb72bb
fbdaf6e2fdf2aede3bc345aa91910b3e79254f10c9756e8bddac7d111c855f1c
fc6713e8b0cc6af0809d5742a6651ceb0785af7c0eaa5840eae558bcc571fabc
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd232317ddce228496b1e1b3da1b1a58c13616fc2bb163c974a92ebea3c0df96
fdf89a316c785a9776575b937a81de327202a4e2bb364cdd5cba4f31e72d7cde
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fe9e882e98abf6d620df7ca9b1a6c6ffba0a1750b18bd9373d30e1c64400c266
ff995e78908c70afe52ddaeea7699bf5683596efbd4839b336c8a58eda6b0cb0