www.salon.com Open in urlscan Pro
2600:9000:2156:4000:1a:b9b9:50c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Submission: On May 28 via manual (May 28th 2022, 5:44:13 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 20 domains to perform 62 HTTP transactions. The main IP is 2600:9000:2156:4000:1a:b9b9:50c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.salon.com. The Cisco Umbrella rank of the primary domain is 65938.
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.

This is the only time www.salon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:215... 2600:9000:2156:4000:1a:b9b9:50c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:1000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.96 18.66.248.96	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.39 108.157.4.39	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	3.237.175.195 3.237.175.195	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	44.238.79.234 44.238.79.234	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	54.144.94.26 54.144.94.26	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:9fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.198.217 199.232.198.217	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4014:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	18.212.140.196 18.212.140.196	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	35.85.185.37 35.85.185.37	16509 (AMAZON-02) (AMAZON-02)
1	52.35.101.198 52.35.101.198	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	44.238.81.176 44.238.81.176	16509 (AMAZON-02) (AMAZON-02)
1	34.213.65.0 34.213.65.0	16509 (AMAZON-02) (AMAZON-02)
62	30

5 2600:9000:2156:4000:1a:b9b9:50c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.salon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-96.dus51.r.cloudfront.net

mediaproxy.salon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

media.salon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-39.dus51.r.cloudfront.net

assets.salon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.237.175.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com

carbon-cdn.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.79.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-79-234.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.94.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-94-26.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9fea (United States)

ASN13335 (CLOUDFLARENET, US)

player.propervideo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com

pogo.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
privacy-location-edge.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.185.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-185-37.us-west-2.compute.amazonaws.com

id.halo.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.101.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-101-198.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.81.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-81-176.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.65.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-65-0.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	salon.com www.salon.com — Cisco Umbrella Rank: 65938 mediaproxy.salon.com — Cisco Umbrella Rank: 78924 media.salon.com — Cisco Umbrella Rank: 131775 assets.salon.com — Cisco Umbrella Rank: 132093	239 KB
9	ccgateway.net carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 9223 pogo.ccgateway.net — Cisco Umbrella Rank: 11377 script-api.ccgateway.net — Cisco Umbrella Rank: 9856 privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 9896	25 KB
6	ad.gt a.ad.gt — Cisco Umbrella Rank: 4262 id.halo.ad.gt — Cisco Umbrella Rank: 4465 p.ad.gt — Cisco Umbrella Rank: 4774 pixels.ad.gt — Cisco Umbrella Rank: 4659 ids.ad.gt — Cisco Umbrella Rank: 3698	30 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2111	89 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	22 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	152 KB
4	proper.io global.proper.io — Cisco Umbrella Rank: 7781 abcheck.proper.io — Cisco Umbrella Rank: 8866	140 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1204 mab.chartbeat.com — Cisco Umbrella Rank: 2093	24 KB
2	gstatic.com fonts.gstatic.com	169 KB
2	facebook.com graph.facebook.com — Cisco Umbrella Rank: 139	984 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1742	24 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 890 pixel.quantserve.com — Cisco Umbrella Rank: 412	10 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 67	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	4 KB
1	reddit.com www.reddit.com — Cisco Umbrella Rank: 2817	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6117	501 B
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 5203	7 KB
1	propervideo.io player.propervideo.io — Cisco Umbrella Rank: 21221	28 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 862	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1105	201 B
62	20

	Domain	Requested by
6	script-api.ccgateway.net	carbon-cdn.ccgateway.net
5	www.google-analytics.com	www.salon.com www.google-analytics.com
5	www.salon.com	www.salon.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	graph.facebook.com	www.salon.com
2	script.4dex.io	global.proper.io script.4dex.io
2	abcheck.proper.io	www.salon.com
2	a.ad.gt	www.salon.com p.ad.gt
2	global.proper.io	www.salon.com global.proper.io
2	assets.salon.com	www.salon.com
2	media.salon.com	www.salon.com
2	static.chartbeat.com	www.salon.com
1	ids.ad.gt	www.salon.com
1	pixels.ad.gt	p.ad.gt
1	privacy-location-edge.ccgateway.net	script-api.ccgateway.net
1	p.ad.gt	a.ad.gt
1	id.halo.ad.gt	a.ad.gt
1	lh3.googleusercontent.com	www.salon.com
1	fonts.googleapis.com
1	pogo.ccgateway.net	carbon-cdn.ccgateway.net
1	www.reddit.com	www.salon.com
1	pixel.quantserve.com	www.salon.com
1	www.google.de	www.salon.com
1	www.google.com	www.salon.com
1	static.scroll.com	www.salon.com
1	player.propervideo.io	www.salon.com
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net	www.salon.com
1	mab.chartbeat.com	static.chartbeat.com
1	secure.quantserve.com	www.salon.com
1	carbon-cdn.ccgateway.net	www.salon.com
1	mediaproxy.salon.com	www.salon.com
62	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.shutterstock.com
en.wikipedia.org
daringfireball.net
www.theverge.com
www.theregister.co.uk
github.com
blogs.technet.microsoft.com
www.threatconnect.com
citizenlab.ca
www.blog.google

Subject Issuer	Validity	Valid
salon.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
ccgateway.net R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.scroll.com R3	`2022-04-27` - `2022-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
halo.ad.gt Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Frame ID: 3A0111D368638D4CD51014BF9C821B90
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Russian hackers exploited a Google flaw to hack journalists | Salon.com

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

62
Requests

100 %
HTTPS

53 %
IPv6

20
Domains

35
Subdomains

30
IPs

4
Countries

969 kB
Transfer

2727 kB
Size

21
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/salon/

Search URL Search Domain Scan URL

URL: https://twitter.com/Salon

Search URL Search Domain Scan URL

URL: http://www.shutterstock.com/
Title: Shutterstock

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Accelerated_Mobile_Pages
Title: Accelerated Mobile Pages

Search URL Search Domain Scan URL

URL: https://daringfireball.net/2016/10/why_publish_amp_pages
Title: John Gruber wrote

Search URL Search Domain Scan URL

URL: https://www.theverge.com/2016/12/6/13850230/fake-news-sites-google-search-facebook-instant-articles
Title: to share many of the same visual features

Search URL Search Domain Scan URL

URL: https://www.theregister.co.uk/2017/05/19/open_source_insider_google_amp_bad_bad_bad/
Title: in an essay

Search URL Search Domain Scan URL

URL: https://github.com/ampproject/amphtml/issues/6210
Title: report

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/mmpc/2016/11/01/our-commitment-to-our-customers-security/
Title: more viruses utilizing previously unknown vulnerabilities

Search URL Search Domain Scan URL

URL: https://twitter.com/AricToler/status/785822259218833408
Title: had published on Oct. 11

Search URL Search Domain Scan URL

URL: https://www.threatconnect.com/blog/how-to-investigate-incidents-in-threatconnect/
Title: ThreatConnect had archived

Search URL Search Domain Scan URL

URL: https://www.threatconnect.com/blog/russia-hacks-bellingcat-mh17-investigation/
Title: his Bellingcat colleagues

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/2017/05/tainted-leaks-disinformation-phish/#part4
Title: altering them

Search URL Search Domain Scan URL

URL: https://daringfireball.net/linked/2017/05/29/russian-amp-phishing
Title: even an advanced web user might be fooled

Search URL Search Domain Scan URL

URL: https://www.blog.google/topics/safety-security/safe-browsing-protecting-more-3-billion-devices-worldwide-automatically/
Title: Safe Browsing

Search URL Search Domain Scan URL

URL: https://github.com/ampproject/amphtml/issues/6210#event-1246492001
Title: blocked

Search URL Search Domain Scan URL

URL: https://twitter.com/mattsheffield
Title: follow him on Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/ 181 KB
39 KB 161ms
123ms Document
text/html 2600:9000:2156:4000:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1418cb33f82d9eee795bca31dbb5bd23368911fdac2b2be0906e2716924ff4a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, s-maxage=604800, max-age=0
content-encoding: br
content-length: 39849
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 05:44:06 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-id: sF0tWpNHLR0hm4AjWN79ej_NOzVWsmrhXXP3Up_B0u3yP79UfbaqWw==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 42ms
7ms Script
application/x-javascript 2600:9000:2156:1000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 04:49:48 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 00:18:19 GMT
server: nginx
age: 3259
etag: W/"625616cb-595b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VmfCe72jVZgpA6rnYvvGy-mjywR1X3jpt2Yndvcc5NOLt4vcMohlbA==
expires: Sat, 28 May 2022 06:49:48 GMT

GET
H2 200 salon-logo.svg
www.salon.com/design/images/ 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:2156:4000:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.salon.com/design/images/salon-logo.svg
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: df5137425e7de7419e6a429ba54ae05b9e7c3bf00a7cdda775669ffe68223cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:50:32 GMT
content-encoding: br
last-modified: Tue, 24 May 2022 19:49:43 GMT
server: nginx
age: 294814
etag: W/"628d36d7-811"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 910
x-amz-cf-id: Jl2z2-oszMwvpScrXuiiaMrSt9rwPbgeIx8KSxUVbSPC0QPuAsLsqw==
expires: Wed, 24 May 2023 19:50:32 GMT

GET
H2 200 computer_hacker3.jpg
mediaproxy.salon.com/width/1200/https://media.salon.com/2016/12/ 91 KB
92 KB 733ms
671ms Image
image/webp 18.66.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaproxy.salon.com/width/1200/https://media.salon.com/2016/12/computer_hacker3.jpg
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-96.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d3d72607588b893dad2a6066ae3ac00669f3c7a43b81e61d53475621d119b5b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 265ms
date: Sat, 28 May 2022 05:44:07 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, s-maxage=31536000, max-age=31536000
content-length: 93576
x-amz-cf-id: eviSc_A9957NAXDE8tHtt_M3wcAG9ULHYRFQX-VHi9tECYGZEhTGAg==

GET
H2 200 2016-10-12-message1-1024x638.png
media.salon.com/2017/09/ 25 KB
25 KB 1019ms
992ms Image
image/webp 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.salon.com/2017/09/2016-10-12-message1-1024x638.png
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 128be2e1ad1399c61699819fade0a30b0d2568edaf1aaab63817e84a01cec08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:08 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Sun, 25 Apr 2021 09:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "620f988b6a4b3ca59dd2b9754620653d"
x-cache: Miss from cloudfront
x-amz-version-id: nQce0fYLxPYAJJr6xvovr9iem3rxBErl
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/webp
content-length: 25522
x-amz-cf-id: y-YszUcroG46ht0p8vBYtSGX_LqkY2pcARZ5JwnFGUkyfpIzSYF7OA==

GET
H2 200 new-redirect-notice1.png
media.salon.com/2017/09/ 17 KB
17 KB 2116ms
2089ms Image
image/webp 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.salon.com/2017/09/new-redirect-notice1.png
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13c92346bfd7fb1b53db267a60bb73b6d95bd22507ea532fc32b7b8450812ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:10 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Sun, 25 Apr 2021 09:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "426852e1c5dc4cb72f912c0af9b04938"
x-cache: Miss from cloudfront
x-amz-version-id: TDQmtCjcYG2H964D0ofeSNb3IQtmXJY4
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/webp
content-length: 16920
x-amz-cf-id: ATWqe7xCk8e_rC9ApE7FWTvi4fev-bqRWPPygN9PV1xHWOT05pI75A==

GET
H2 200 bundle.js Show response
assets.salon.com/design/assets/ 195 KB
54 KB 53ms
12ms Script
application/javascript 108.157.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salon.com/design/assets/bundle.js?rev=68f935814fef700372396dcbb04ad7d7433a6330
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-39.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cfb338f5cc1eac500c2f8da2f842c0316336c51b31c1c6093208623b3f5392ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:49:48 GMT
content-encoding: br
age: 294859
x-cache: Hit from cloudfront
content-length: 55143
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 19:40:55 GMT
server: nginx
etag: W/"628d34c7-30b46"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 8JW_oNi33GqsLzF686JNekZE3A5a15RfzOKlEq7fYIsuXzG6e5fFcQ==
expires: Wed, 24 May 2023 19:49:48 GMT

GET
H2 200 salon.min.js Show response
global.proper.io/ 68 KB
11 KB 56ms
30ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/salon.min.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d8dc74cc5aa46f5f3882b5fab69af56378dc2612f0e29abe1a7d130cdb143b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 19:57:40 GMT
server: cloudflare
age: 1417458
etag: W/"627c1534-10f1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 7124ad33def59be8-FRA
expires: Sat, 28 May 2022 05:49:07 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 34ms
8ms Script
application/x-javascript 2600:9000:2156:1000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 04:24:41 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:08:30 GMT
server: nginx
age: 4766
etag: W/"625f4efe-8bf5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z7o8EIhvIxne8ps1sFYqev9PL56q67ouQl0daoX_g3ZN5DDwUVg9DA==
expires: Sat, 28 May 2022 06:24:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5099
date: Sat, 28 May 2022 04:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 28 May 2022 06:19:08 GMT

GET
H2 200 script Show response
carbon-cdn.ccgateway.net/ 42 KB
12 KB 379ms
99ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 3a2d91b4600490b04e97b5c5836072ee4039b1e5d050f2b00c3393b141f21f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=900
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 31ms
7ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 04 Jun 2022 05:44:07 GMT

GET
H2 200 main.css
assets.salon.com/design/assets/ 59 KB
9 KB 11ms
11ms Stylesheet
text/css 108.157.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salon.com/design/assets/main.css?rev=68f935814fef700372396dcbb04ad7d7433a6330
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-39.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 607e27232a5f02827957e1606e340e9bbcaf2639f6c3ae7b76408b3c9b80b910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:49:48 GMT
content-encoding: br
age: 294859
x-cache: Hit from cloudfront
content-length: 8294
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 19:40:55 GMT
server: nginx
etag: W/"628d34c7-ebfd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: qkcB98RQPKELmDnnEUDPyTmFPNQKVB6nP29CU6bpphkCubEUF-YLTw==
expires: Wed, 24 May 2023 19:49:48 GMT

GET
H2 200 317 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
9 KB 485ms
163ms Script
application/javascript 44.238.79.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&ref=
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.79.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-79-234.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 69d0ee97430201210603cc8a845338656a738d9e8bea14527a88fe0468bb8555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 May 2022 05:44:07 GMT
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-length: 8655
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
146 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=591782790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&ul=en-us&de=UTF-8&dt=Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists%20%7C%20Salon.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1092972728&gjid=600867459&cid=1374256828.1653716647&tid=UA-1232497-1&_gid=811176031.1653716647&_r=1&_slc=1&cd1=Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists&cd2=article&cd3=Matthew%20Sheffield&cd5=media&cd9=original&z=2063328401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=591782790&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&ul=en-us&de=UTF-8&dt=Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists%20%7C%20Salon.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video_player_type&ea=video_proper&el=video_player&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1374256828.1653716647&tid=UA-1232497-1&_gid=811176031.1653716647&z=722344789

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 06:07:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 227 B
528 B 189ms
129ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=salon.com&domain=salon.com&path=%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 174afa98e9d7085550f7e3571b0f0e8f508e7ff57079e906ed4de774bec3291d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 174
x-served-by: cache-mxp6955-MXP
access-control-allow-origin: *
x-timer: S1653716647.168779,VS0,VE114
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Thu, 26 May 2022 05:44:07 GMT

POST
H2 200 salon_is_ad_free_check.php Show response
www.salon.com/ajax/ 77 B
425 B 384ms
384ms XHR
text/html 2600:9000:2156:4000:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/salon_is_ad_free_check.php
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d783bf33379246ddaebb6219871feebfd4b37a04900a52c1f2f20cc629609fd7

Request headers

Accept: */*
Referer: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 60
x-amz-cf-id: zH1IC4GeWoRF7HKPNCAM9bu2GoDoOx5YPaDfaKmBl73QPM07ksgeng==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 301ms
97ms Image
image/gif 54.144.94.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=salon.com&p=%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&u=ls946D-K6ahCJSsTT&d=salon.com&g=1614&g0=All%20Salon%2C%20Media%2C%20News%2C%20News%20%26amp%3B%20Politics%2C%20Politics%2C%20Technology&g1=Matthew%20Sheffield&n=1&f=00001&c=0&x=0&m=0&y=14471&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=319&t=dHj0HCk_l0EDxVY4yCElNhgDFyAUo&V=132&i=Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists%20%7C%20Salon.com&tz=0&_acct=anon&sn=1&sv=BG3uZFCCwRP6uSwj-BMHfpQCyBdw6&sd=1&im=067b9ff0&_
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.94.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-94-26.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 53ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/salon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d652bacb2b991900019ecfd47f77fa785a78e38b6a9c56236e5d4614310e248e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28117
x-xss-protection: 0
server: sffe
etag: "1228 / 591 of 1000 / last-modified: 1653689078"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 May 2022 05:44:07 GMT

GET
H2 200 2.14.1.js Show response
global.proper.io/payloads/ 513 KB
127 KB 24ms
24ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/2.14.1.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/salon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88629f2d052b43650ca1c2cf2a0b03c34115c30b86e9f97f3d87785f3134954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 19:56:04 GMT
server: cloudflare
age: 1417558
etag: W/"627c14d4-804f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 7124ad3488689be8-FRA
expires: Sat, 28 May 2022 05:49:07 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
984 B 376ms
368ms Image
image/gif 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=4.329007975837449
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: GD8GMYYBV6GTP2SK
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7124ad3498799be8-FRA
content-length: 842
x-amz-id-2: BmxMk1syNwbV1xDhyMGcJfoTFDPRgbLiyyzgtj4MWWpDQfkyRFJIy744hKoXSx+C/9HR7qHb+DU=
expires: Sat, 28 May 2022 09:44:07 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 358ms
349ms Image
image/gif 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=4.329007975837449
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: GD8MWYKZD30WNJ83
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7124ad3498789be8-FRA
content-length: 842
x-amz-id-2: gCafV/0edcC0iqL/VstB7B08ARatof+TPf+G4C82N5q68W6wORKTOUhG3tdClFPA4HK8KgpWJXk=
expires: Sat, 28 May 2022 09:44:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 72ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1232497-1&cid=1374256828.1653716647&jid=1092972728&gjid=600867459&_gid=811176031.1653716647&_u=IEBAAEAAAAAAAC~&z=768341406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 28 May 2022 05:44:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 KB
2 KB 44ms
7ms Script
application/javascript 2600:9000:2156:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:00:06 GMT
content-encoding: gzip
age: 2643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 22:03:49 GMT
server: AmazonS3
etag: W/"ebff52074a206856b4f1993710373d93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: aYY9WkdJ8fH2pxvhW83pGCaprdmk_JGneVXPReWdbdQLTPW6FYcdBg==

GET
H2 200 main.js Show response
player.propervideo.io/new_rtp/ 124 KB
28 KB 46ms
19ms Script
application/javascript 2606:4700::6812:9fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/new_rtp/main.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25c142f7703a2c89cc00bbac6ce2eaf031c568d2a56e4ace61a5399ee56d792a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 May 2022 21:05:25 GMT
server: cloudflare
age: 1586299
etag: W/"62798215-2e5ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sat, 28 May 2022 05:49:07 GMT
cache-control: public, max-age=300
cf-polished: origSize=189869
cf-ray: 7124ad34ccc791de-FRA
cf-bgj: minify

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 101ms
7ms Script
application/javascript 199.232.198.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
age: 27991
x-guploader-uploadid: ADPycdvVEKQHPDCpLpzbRwW1FilgJWbhd-sSq4O17Gd25eOnX_Gitl1sBZdw90ONhW5R50_jD54MApc6ib2YfLj3JIWiDkNpkqXm
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-hhn4047-HHN
last-modified: Thu, 17 Mar 2022 20:05:53 GMT
server: UploadServer
x-timer: S1653716647.273737,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
x-goog-generation: 1647547553107114
via: 1.1 varnish
expires: Wed, 25 May 2022 21:57:35 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 3074

GET
H2 200 social_counts.php Show response
www.salon.com/ajax/ 250 B
509 B 112ms
112ms XHR
text/html 2600:9000:2156:4000:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/social_counts.php?post_id=14823467
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 98764a7c95826f6e2e21b53ec6cf1362a1da212b4ea06ac0d9b4f733fa742d85

Request headers

Accept: */*
Referer: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 142
x-amz-cf-id: Lbv-As2w2A3EVrxuvr-W1FU_HElmTjopIXckTOLwrGsIyVwOo3ceRA==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
943 B 85ms
28ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/2.14.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296004
x-amz-request-id: tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2: tx868aa8ceaf494ff0b1336-00627a3731
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGEDEVG4bLe35s8kFrf%2F76rpWH%2FCq1kx3dxAz3Evh1WM3zZeJEcPEwFl68BIY5N5AlfsNKLOYsQxhvui6cl5IBNTNEzZkTSgWYmCheSdRKRU%2BCy8CkfmL5rTLVmIIaN5y1yyU6b2z71Js%2FFA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 7124ad354994599b-MXP

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 84ms
32ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1232497-1&cid=1374256828.1653716647&jid=1092972728&_u=IEBAAEAAAAAAAC~&z=67223060

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1232497-1&cid=1374256828.1653716647&jid=1092972728&_u=IEBAAEAAAAAAAC~&z=67223060

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=385825059;labels=tags.Accelerated%20Mobile%20Pages%2Ctags.All%20Salon%2Ctags.AMP%2Ctags.APT28%2Ctags.computer%20hacking%2Ctags.Fancy%20Bear%2Ctags.Google%2Ctags.hackers%2Ctags.Hacking%2Ctag...
pixel.quantserve.com/ 35 B
372 B 11ms
10ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=385825059;labels=tags.Accelerated%20Mobile%20Pages%2Ctags.All%20Salon%2Ctags.AMP%2Ctags.APT28%2Ctags.computer%20hacking%2Ctags.Fancy%20Bear%2Ctags.Google%2Ctags.hackers%2Ctags.Hacking%2Ctags.Media%2Ctags.mobile%20tech%2Ctags.News%2Ctags.News%20%26%20Politics%2Ctags.Politics%2Ctags.Russia%2Ctags.Russian%20hack%2Ctags.russian%20hackers%2Ctags.russian%20hacking%20scandal%2Ctags.Sofacy%2Ctags.Technology%2Csection.Media%2Cauthor.Matthew%20Sheffield%2Ctype.article%2Ctitle.Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists%2Csite.%40Salon;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F;uht=2;fpan=1;fpa=P0-723326522-1653716647203;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=salon.com;je=0;sr=1600x1200x24;dst=0;et=1653716647202;tzo=0;ogl=title.Russian%20hackers%20exploited%20a%20Google%20flaw%20to%20hack%20journalists%2Csite_name.Salon%2Cdescription.Hacker%20team%20%22Fancy%20Bear%22%20used%20Google's%20Accelerated%20Mobile%20Pages%20to%20steal%20Gmail%20p%2Cimage.https%3A%2F%2Fmediaproxy%252Esalon%252Ecom%2Fwidth%2F1200%2Fhttps%3A%2F%2Fmedia%252Esalon%252Ecom%2F2016%2F12%2Fcomputer%2Curl.https%3A%2F%2Fwww%252Esalon%252Ecom%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-goo%2Clocale.en_US%2Ctype.article

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 pubads_impl_2022052501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 23ms
8ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 19:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126602
x-xss-protection: 0
last-modified: Wed, 25 May 2022 08:34:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 May 2023 19:05:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 257 B
162 B 31ms
16ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.salon.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

66314e762c531def9ac157895a5d2d03df051962c06498f5c4766d84aea54a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
expires: Sat, 28 May 2022 05:44:07 GMT

GET
H2 200 / Show response
graph.facebook.com/v3.3/ 296 B
746 B 153ms
122ms Script
text/javascript 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v3.3/?callback=jQuery33106108243508285545_1653716647111&fields=engagement&access_token=2074890856142061%7C05ccf5b8d1bafc9fc1c04b905f95fb39&id=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&_=1653716647112

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e58389f33d709198801d55333d51d3f0dfdc244e84799ae17bfbe12b5b7e703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "1998662336e750e6b6ef4dd1a558e1a2f076bb85"
x-app-usage: {"call_count":10,"total_cputime":0,"total_time":1}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1005599319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 192
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 62KtZjO/lO9ffaDy3lXwiAbWodCUtBUxqV9cZfBRVzkDfSP1lDO0GOao35Fbf3JT2l8KoTju+NE0iHFoRfuwLg==
x-fb-trace-id: GICHnOCE4dr
date: Sat, 28 May 2022 05:44:07 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AosfWtJMtQV34BMDmLS3RLz
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v7.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 120 B
1 KB 150ms
124ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ratelimit-used: 1
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
date: Sat, 28 May 2022 05:44:07 GMT
x-ratelimit-remaining: 299
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset: 353
accept-ranges: bytes
expires: -1

GET
H2 200 5376056 Show response
fundingchoicesmessages.google.com/i/ 93 KB
33 KB 57ms
35ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5376056?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f66339260da03102c69ec8a696415cbd22eabe62027187d06dace003f5a6557d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FTsydgvtBvFFu3vLg8K5yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-FTsydgvtBvFFu3vLg8K5yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-FTsydgvtBvFFu3vLg8K5yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-FTsydgvtBvFFu3vLg8K5yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 28 May 2022 05:44:07 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 33ms
17ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1539779
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx14dd6be3a99b4a9a92cad-00627a378a
x-amz-id-2: tx14dd6be3a99b4a9a92cad-00627a378a
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXnDaEovUgkFAonTE7bBSnp2uQAfE%2FaiNvV8hBsDKns%2FNXacP%2F6neSuaR7Xq46aBz6CJpz%2Bmtgy%2FM9JVPDRtsZJjnsFYEnWIEu4cxwfSC2vozE1zoPzvUpRPdhMQX9Mv8U3j6mGrn0FIcF4T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 7124ad35c83e9b34-FRA
access-control-allow-headers: Authorization

POST
H3 204 AGSKWxU86HkAOMX1g074eCLfX0zcjdp10HiIFDMyzWKyzDdkeMntDE0xx6NACq3UCxqIVyQ6_w0vz82Ul0sjWBjVhEM= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
24ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU86HkAOMX1g074eCLfX0zcjdp10HiIFDMyzWKyzDdkeMntDE0xx6NACq3UCxqIVyQ6_w0vz82Ul0sjWBjVhEM=?pvid=95EF1141-68DF-424B-BBED-42FB929A9424&anonid=F2CD0165-7B08-4213-87A4-62975EEDDE9F

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.QYgLnAPipRs.es5.O/d=1/rs=AJlcJMwRpeKTSUSP6JjkHmJRqirsKG8W8Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jrtukPJ3MF-dvz2QmUP2dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jrtukPJ3MF-dvz2QmUP2dA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.salon.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jrtukPJ3MF-dvz2QmUP2dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jrtukPJ3MF-dvz2QmUP2dA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUk9nZMeWCR1YfxMXzVRg7f1ZAm4tYirBVbCu29NzxH2bHygpg9ryvW6Q5AMXOiUxTGwtLdGbcGwuj4RPfhvd4= Show response
fundingchoicesmessages.google.com/f/ 283 KB
56 KB 64ms
48ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUk9nZMeWCR1YfxMXzVRg7f1ZAm4tYirBVbCu29NzxH2bHygpg9ryvW6Q5AMXOiUxTGwtLdGbcGwuj4RPfhvd4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUzNzE2NjQ3LDM5ODAwMDAwMF0sIjk1RUYxMTQxLTY4REYtNDI0Qi1CQkVELTQyRkI5MjlBOTQyNCIsIkYyQ0QwMTY1LTdCMDgtNDIxMy04N0E0LTYyOTc1RUVEREU5RiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5zYWxvbi5jb20vMjAxNy8wOS8yNC9ydXNzaWFuLWhhY2tlcnMtZXhwbG9pdGVkLWEtZ29vZ2xlLWZsYXctYW5kLWdvb2dsZS13b250LWZpeC1pdC8iLG51bGwsW11d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

792dec560a8b93eac992b9239290e904d46e511bd35b2322669ce667dfacc02b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fMFRIXIj1vRJeOmRYH0vLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fMFRIXIj1vRJeOmRYH0vLQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fMFRIXIj1vRJeOmRYH0vLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fMFRIXIj1vRJeOmRYH0vLQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 28 May 2022 05:44:07 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
graph.facebook.com/v3.0/ 297 B
238 B 79ms
70ms Script
text/javascript 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v3.0/?callback=jQuery33106108243508285545_1653716647111&fields=engagement&access_token=2074890856142061%7C05ccf5b8d1bafc9fc1c04b905f95fb39&id=http%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&_=1653716647113

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

954fd071f46811c32f5edab36b414e7d27bbfc966d0c8a62d70f2a859c93c812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "71d542897321a0799d023d13645ed39903a0b512"
x-app-usage: {"call_count":10,"total_cputime":0,"total_time":1}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1005599319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: uZDF43Jg2bsXM+0HTgKxTZKLMn+erackSYWJ9SG17V95XRTwvUKpfm/GbYqhw+pm2ZLhckmasgEfT28EK2VZ0A==
x-fb-trace-id: DJ5lcNTnpIQ
date: Sat, 28 May 2022 05:44:07 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A7W2exDSHk-tkDJTqagvyug
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v7.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 save_social_counts.php Show response
www.salon.com/ajax/ 43 B
408 B 384ms
383ms XHR
text/html 2600:9000:2156:4000:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/save_social_counts.php?type=track_counts
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c2a4727b85eca4ced605b91d5203a0253af1ff2d95bad11f4a940498c6236c46

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 42
x-amz-cf-id: 1xt2a3yEZyS9Y80YrPZ6T3Le9wLaGGicwUZaGbnvacmAR-Y5TETRGA==

GET
H2 200 classification Show response
pogo.ccgateway.net/v1/p/25616daa17/ 195 B
348 B 411ms
159ms XHR
application/json 18.212.140.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pogo.ccgateway.net/v1/p/25616daa17/classification?url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-140-196.compute-1.amazonaws.com
Software: /
Resource Hash: e0e84783540e62585d05c10a810d6a0346b417debc129354e93c40e822400ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
content-type: application/json

GET
H2 200 user.js Show response
script-api.ccgateway.net/script/launcher/1/ 1 KB
642 B 151ms
97ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/1/user.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 userId Show response
script-api.ccgateway.net/ 225 B
345 B 152ms
98ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/userId
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 724d8103b0f0c11ca3fa1e038bdff1597c0cb4d26affeb102931fc2161ac16e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=3156000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 realtime.js Show response
script-api.ccgateway.net/script/launcher/1/ 4 KB
2 KB 152ms
98ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/1/realtime.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 7c44874e212bb59909bbc1963a75d2c326cae854268a8f9b57a222de325d7b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 api.js Show response
script-api.ccgateway.net/script/launcher/3/ 4 KB
2 KB 151ms
98ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/3/api.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 60 KB
4 KB 46ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.Bksmp9e-JJg.es5.O/d=1/rs=AJlcJMxd74zjTGf37vdLwZ9Vc3gN09bipQ/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 May 2022 05:44:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 28 May 2022 05:44:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 May 2022 05:44:07 GMT

GET
H2 200 Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60
lh3.googleusercontent.com/ 2 KB
2 KB 41ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60

Requested by

Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db2c15c2e76a2f6e8ec9e2bef69f55e123e4949840caf2c0fcb5b606fb56a361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 04:37:05 GMT
x-content-type-options: nosniff
age: 4022
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1619
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Mar 2022 10:02:50 GMT

POST
H3 204 AGSKWxVmFKnXpzWmmi6CDlUtZDNWsDk0KQg7SlfD1vIdhcc5C0b3_pCc-WuzWgDeFb2zimzG57_kBp8VU6z20ay4rI3eZT2Yvzg8X4NIrEWpeWJUti6ZxpZ8mDddNj4sS9qiIw1j6jK8F7VRZo6iYQRR88zSdZ-S-hQh5AKrK_VPRuUz85h4o0b39FhVh12p Show response
fundingchoicesmessages.google.com/el/ 0
28 B 21ms
20ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmFKnXpzWmmi6CDlUtZDNWsDk0KQg7SlfD1vIdhcc5C0b3_pCc-WuzWgDeFb2zimzG57_kBp8VU6z20ay4rI3eZT2Yvzg8X4NIrEWpeWJUti6ZxpZ8mDddNj4sS9qiIw1j6jK8F7VRZo6iYQRR88zSdZ-S-hQh5AKrK_VPRuUz85h4o0b39FhVh12p?dmid=53cb964110ed71cd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M1kSSFgGoj7EF65p0vpGxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-M1kSSFgGoj7EF65p0vpGxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.salon.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M1kSSFgGoj7EF65p0vpGxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-M1kSSFgGoj7EF65p0vpGxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 317 Show response
id.halo.ad.gt/api/v1/partner/ 52 KB
10 KB 480ms
159ms Script
text/javascript 35.85.185.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/317?sync=1&url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-185-37.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: a3e3bd9ca72cca8292110c5997304f488bda24eef809cde49f9b2cdb704f5b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 317 Show response
p.ad.gt/api/v1/p/ 31 KB
10 KB 477ms
160ms Script
text/html 52.35.101.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/317?au_id=AU1D-0100-001653716648-FSDZFC5B-RR9V
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.101.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-101-198.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 872879eacbd34981b531900f9e2b72e11eebee77020d6e57f30be621da44cc9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
server: nginx/1.20.0
content-type: text/html; charset=utf-8

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v129/ 124 KB
124 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v129/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.salon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:59:51 GMT
x-content-type-options: nosniff
age: 294256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127244
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:27:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 19:59:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.salon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 367918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 23:32:09 GMT

GET
H2 200 getProfileRealtime Show response
script-api.ccgateway.net/ 202 B
327 B 118ms
118ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/getProfileRealtime?ccuid=255651ce-7c19-48a3-a252-670a26f31d64&intent=false&demo=false&brands=false&audiences=true&parentId=25616daa17
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 64d61308c1dc0334a7216e8c2de635d049b30de734d66828145e48e7239ca1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: private,max-age=1800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle Show response
script-api.ccgateway.net/script/ 24 KB
8 KB 104ms
104ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/bundle?id=www.salon.com&parentId=25616daa17
Requested by: Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 6d36a7a813d3cf634ae099e469e3df96591eecc89dc1eee25071a61598ff29d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
cache-control: public,max-age=1200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 location Show response
privacy-location-edge.ccgateway.net/privacy/ 2 B
188 B 151ms
99ms XHR
text/plain 18.212.140.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-location-edge.ccgateway.net/privacy/location
Requested by: Host: script-api.ccgateway.net
URL: https://script-api.ccgateway.net/script/bundle?id=www.salon.com&parentId=25616daa17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-140-196.compute-1.amazonaws.com
Software: /
Resource Hash: 9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 May 2022 05:44:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
102 B 486ms
176ms XHR
text/plain 44.238.79.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/317?au_id=AU1D-0100-001653716648-FSDZFC5B-RR9V
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.79.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-79-234.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.salon.com
date: Sat, 28 May 2022 05:44:08 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
52 B 483ms
159ms Script
text/plain 44.238.81.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=463c1c04f97df6052c8b767511c8557d&url=https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/317?au_id=AU1D-0100-001653716648-FSDZFC5B-RR9V
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.81.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-81-176.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:08 GMT
server: nginx/1.20.0

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 May 2022 06:21:20 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 May 2022 06:13:40 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
475 B 487ms
156ms Image
image/gif 34.213.65.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001653716648-FSDZFC5B-RR9V&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oik0mggk4e4s4ou04gu0oeow6sy
Requested by: Host: www.salon.com
URL: https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.65.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-65-0.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 05:44:08 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Sat, 28 May 2022 17:44:08 GMT

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.proper.io/	1970-01-20 03:21:58	Name: __cf_bm Value: ndo7r7AI7CX95Vzyhr8fStzht7M6dTb6_UG67Zm8w1Q-1653716647-0-AUB8q1agjWUtDmGwCHRw96sItFIK5BN6ZK4xsiNLYWWJLPF4i761Mvoi3TNz5qCGh+5tm7YVrEWYYxUCMCtb0qRKQSHkOjSEDM+QRUlS05s1
www.salon.com/	1970-01-20 12:50:44	Name: _cb_ls Value: 1
.salon.com/	1970-01-20 20:53:08	Name: _ga Value: GA1.2.1374256828.1653716647
.salon.com/	1970-01-20 03:23:23	Name: _gid Value: GA1.2.811176031.1653716647
.salon.com/	1970-01-20 03:21:56	Name: _gat Value: 1
www.salon.com/	1970-01-20 12:50:44	Name: _cb Value: ls946D-K6ahCJSsTT
www.salon.com/	1970-01-20 12:50:44	Name: _chartbeat2 Value: .1653716647093.1653716647093.1.BG3uZFCCwRP6uSwj-BMHfpQCyBdw6.1
www.salon.com/	1970-01-20 03:21:58	Name: _cb_svref Value: null
www.salon.com/	1969-12-31 23:59:59	Name: proper_rtp_split_test Value: {"version_id":"14567","release_ts":"2022-05-11 12:57:40"}
www.salon.com/	1970-01-20 04:05:08	Name: salon-page-view-count Value: 1
.quantserve.com/	1970-01-20 12:52:11	Name: mc Value: 6291b6a7-456c7-17c8f-9296e
.salon.com/	1970-01-20 12:46:25	Name: __qca Value: P0-723326522-1653716647203
www.salon.com/	1970-01-20 03:21:57	Name: GLAM-JID Value: d2c351095ef14aa787830baad5b4090f
www.salon.com/	1970-01-20 04:05:08	Name: GLAM-AID Value: f17083c27e4b48a1b95f37642da2f8c4
www.salon.com/	1969-12-31 23:59:59	Name: GLAM-SID Value: 1641e8f15e4f46f294a71c625410e778
www.salon.com/	1970-01-20 03:21:57	Name: __j_state Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%229ed1049e4ef641a4aeac9668497cbd34%22%2C%22extreferer%22%3A%22https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F%22%2C%22user_worth%22%3A0%7D
.ad.gt/	1970-01-20 03:23:23	Name: au_idmatch Value: eyJhcG4iOiAxNjUzNzE2NjQ3NDc3LCAidHRkIjogMTY1MzcxNjY0NzQ3NywgInB1YiI6IDE2NTM3MTY2NDc0NzcsICJhZHgiOiAxNjUzNzE2NjQ3NDc3LCAiZ29vIjogMTY1MzcxNjY0NzQ3NywgInRhYm9vbGEiOiAxNjUzNzE2NjQ3NDc3LCAicHBudCI6IDE2NTM3MTY2NDc0NzcsICJvcGVueCI6IDE2NTM3MTY2NDc0NzcsICJtZWRpYW1hdGgiOiAxNjUzNzE2NjQ3NDc3LCAicnViIjogMTY1MzcxNjY0NzQ3NywgInNvbiI6IDE2NTM3MTY2NDc0NzcsICJhZG8iOiAxNjUzNzE2NjQ3NDc3LCAidW5ydWx5IjogMTY1MzcxNjY0NzQ3NywgImltcHIiOiAxNjUzNzE2NjQ3NDc3LCAic21hcnQiOiAxNjUzNzE2NjQ3NDc3LCAiYmVlcyI6IDE2NTM3MTY2NDc0Nzd9
.salon.com/	1970-01-20 12:07:32	Name: _au_1d Value: AU1D-0100-001653716648-FSDZFC5B-RR9V
.ad.gt/	1970-01-20 20:53:08	Name: last_seenhaloid Value: 1653716648609
.ad.gt/	1970-01-20 20:53:08	Name: au_id Value: AU1D-0100-001653716648-FSDZFC5B-RR9V
.ad.gt/	1970-01-20 20:53:08	Name: first_seenhaloid Value: 1653716648609

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
abcheck.proper.io
assets.salon.com
carbon-cdn.ccgateway.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
graph.facebook.com
id.halo.ad.gt
ids.ad.gt
lh3.googleusercontent.com
mab.chartbeat.com
media.salon.com
mediaproxy.salon.com
p.ad.gt
ping.chartbeat.net
pixel.quantserve.com
pixels.ad.gt
player.propervideo.io
pogo.ccgateway.net
privacy-location-edge.ccgateway.net
rules.quantcount.com
script-api.ccgateway.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.scroll.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.reddit.com
www.salon.com
108.157.4.39
142.250.185.98
143.204.98.86
151.101.65.140
18.212.140.196
18.66.248.96
199.232.198.217
2600:9000:2156:1000:18:1fcd:351:7bc1
2600:9000:2156:4000:1a:b9b9:50c0:93a1
2600:9000:2156:dc00:6:44e3:f8c0:93a1
2606:4700:20::681a:9a9
2606:4700::6811:4e22
2606:4700::6812:9fea
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c0c::9b
2a00:1450:4014:80f::2004
2a03:2880:f02d:110:face:b00c:0:2
2a04:4e42:400::714
3.237.175.195
34.213.65.0
35.85.185.37
44.238.79.234
44.238.81.176
52.35.101.198
54.144.94.26
03d8dc74cc5aa46f5f3882b5fab69af56378dc2612f0e29abe1a7d130cdb143b
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03
128be2e1ad1399c61699819fade0a30b0d2568edaf1aaab63817e84a01cec08a
13c92346bfd7fb1b53db267a60bb73b6d95bd22507ea532fc32b7b8450812ea8
1418cb33f82d9eee795bca31dbb5bd23368911fdac2b2be0906e2716924ff4a0
174afa98e9d7085550f7e3571b0f0e8f508e7ff57079e906ed4de774bec3291d
19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0
25c142f7703a2c89cc00bbac6ce2eaf031c568d2a56e4ace61a5399ee56d792a
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf
3a2d91b4600490b04e97b5c5836072ee4039b1e5d050f2b00c3393b141f21f6f
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a
607e27232a5f02827957e1606e340e9bbcaf2639f6c3ae7b76408b3c9b80b910
64d61308c1dc0334a7216e8c2de635d049b30de734d66828145e48e7239ca1fb
66314e762c531def9ac157895a5d2d03df051962c06498f5c4766d84aea54a5c
69d0ee97430201210603cc8a845338656a738d9e8bea14527a88fe0468bb8555
6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163
6d36a7a813d3cf634ae099e469e3df96591eecc89dc1eee25071a61598ff29d6
724d8103b0f0c11ca3fa1e038bdff1597c0cb4d26affeb102931fc2161ac16e4
792dec560a8b93eac992b9239290e904d46e511bd35b2322669ce667dfacc02b
7c44874e212bb59909bbc1963a75d2c326cae854268a8f9b57a222de325d7b5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872879eacbd34981b531900f9e2b72e11eebee77020d6e57f30be621da44cc9d
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74
954fd071f46811c32f5edab36b414e7d27bbfc966d0c8a62d70f2a859c93c812
98764a7c95826f6e2e21b53ec6cf1362a1da212b4ea06ac0d9b4f733fa742d85
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e3bd9ca72cca8292110c5997304f488bda24eef809cde49f9b2cdb704f5b54
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
c2a4727b85eca4ced605b91d5203a0253af1ff2d95bad11f4a940498c6236c46
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb338f5cc1eac500c2f8da2f842c0316336c51b31c1c6093208623b3f5392ef
d3d72607588b893dad2a6066ae3ac00669f3c7a43b81e61d53475621d119b5b7
d652bacb2b991900019ecfd47f77fa785a78e38b6a9c56236e5d4614310e248e
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d783bf33379246ddaebb6219871feebfd4b37a04900a52c1f2f20cc629609fd7
d88629f2d052b43650ca1c2cf2a0b03c34115c30b86e9f97f3d87785f3134954
db2c15c2e76a2f6e8ec9e2bef69f55e123e4949840caf2c0fcb5b606fb56a361
df5137425e7de7419e6a429ba54ae05b9e7c3bf00a7cdda775669ffe68223cf2
e0e84783540e62585d05c10a810d6a0346b417debc129354e93c40e822400ec4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58389f33d709198801d55333d51d3f0dfdc244e84799ae17bfbe12b5b7e703b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f230a444e08c75e1ef387df50bb23b6cc0a63386bed85918c3d6e5b88d5c09d5
f66339260da03102c69ec8a696415cbd22eabe62027187d06dace003f5a6557d

www.salon.com Open in urlscan Pro 2600:9000:2156:4000:1a:b9b9:50c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

53 %IPv6

20 Domains

35 Subdomains

30 IPs

4 Countries

969 kBTransfer

2727 kBSize

21 Cookies

17 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.salon.com Open in urlscan Pro
2600:9000:2156:4000:1a:b9b9:50c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

53 %
IPv6

20
Domains

35
Subdomains

30
IPs

4
Countries

969 kB
Transfer

2727 kB
Size

21
Cookies

62 HTTP transactions
0 data transactions