URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Submission: On November 09 via manual from CA — Scanned from CA

Summary

This website contacted 136 IPs in 13 countries across 147 domains to perform 674 HTTP transactions. The main IP is 2606:4700:3031::ac43:8cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 576263.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
50 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.165.83.61 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 70 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:250... 16509 (AMAZON-02)
1 10 18.118.57.12 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 23.34.59.37 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
3 18.67.67.228 16509 (AMAZON-02)
3 3 34.229.3.43 14618 (AMAZON-AES)
4 6 44.195.240.36 14618 (AMAZON-AES)
3 4 52.55.144.0 14618 (AMAZON-AES)
15 15 35.71.131.137 16509 (AMAZON-02)
11 12 3.225.218.10 14618 (AMAZON-AES)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
3 4 35.190.60.146 15169 (GOOGLE)
1 18.160.10.20 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
16 147.75.195.77 54825 (PACKET)
4 104.36.115.111 62713 (AS-PUBMATIC)
4 103.132.192.30 138552 (RTBHOUSE-...)
4 69.166.1.9 27630 (AS-XFERNET)
20 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2620:100:a001... 19750 (AS-CRITEO)
3 31 51.222.239.232 16276 (OVH)
3 216.22.16.32 30633 (LEASEWEB-...)
4 18.165.97.179 16509 (AMAZON-02)
38 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 23 52.46.130.91 16509 (AMAZON-02)
3 3 23.205.2.235 16625 (AKAMAI-AS)
6 23.41.170.143 16625 (AKAMAI-AS)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 3 216.200.232.249 30419 (MEDIAMATH...)
2 2 213.19.162.80 3356 (LEVEL3)
14 17 68.67.160.114 29990 (ASN-APPNEX)
3 3 63.251.28.134 26558 (FREEWHEEL)
12 25 8.43.72.98 26667 (RUBICONPR...)
20 40 172.253.63.155 15169 (GOOGLE)
4 4 23.105.12.171 30633 (LEASEWEB-...)
19 23 8.28.7.82 62713 (AS-PUBMATIC)
6 12 8.28.7.83 62713 (AS-PUBMATIC)
24 26 35.211.178.172 19527 (GOOGLE-2)
8 34.149.40.38 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 3 2600:9000:230... 16509 (AMAZON-02)
3 3 35.214.188.71 15169 (GOOGLE)
6 6 35.194.66.159 396982 (GOOGLE-CL...)
2 2 35.208.249.213 19527 (GOOGLE-2)
8 8 52.5.49.117 14618 (AMAZON-AES)
4 4 50.31.142.191 22075 (AS-OUTBRAIN)
3 3 70.42.32.255 13789 (INTERNAP-...)
4 5 34.98.64.218 396982 (GOOGLE-CL...)
2 3 69.173.151.100 26667 (RUBICONPR...)
8 23.197.184.187 16625 (AKAMAI-AS)
10 10 2606:ae80:145... 25751 (VALUECLICK)
3 3 63.251.86.51 32475 (SINGLEHOP...)
1 7 63.251.86.49 10913 (INTERNAP-BLK)
6 14 52.223.22.214 16509 (AMAZON-02)
5 8.28.7.81 62713 (AS-PUBMATIC)
22 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.39.36.141 26667 (RUBICONPR...)
14 14 199.127.204.142 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
11 24 162.248.18.37 62713 (AS-PUBMATIC)
1 8 8.28.7.84 62713 (AS-PUBMATIC)
5 5 35.207.24.140 15169 (GOOGLE)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
1 67.220.224.150 16509 (AMAZON-02)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 34.195.47.71 14618 (AMAZON-AES)
5 10 34.111.113.62 396982 (GOOGLE-CL...)
2 2 52.70.253.77 14618 (AMAZON-AES)
1 1 2600:9000:201... 16509 (AMAZON-02)
1 1 2600:9000:226... 16509 (AMAZON-02)
1 18.67.65.120 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 3 207.198.113.90 13768 (COGECO-PEER1)
1 1 54.88.158.25 14618 (AMAZON-AES)
4 4 198.148.27.131 19189 (PULSEPOINT)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 20.253.86.149 8075 (MICROSOFT...)
4 74.119.119.150 19750 (AS-CRITEO)
6 6 185.167.164.39 198622 (ADFORM)
1 1 52.45.175.185 14618 (AMAZON-AES)
6 198.134.116.50 27257 (WEBAIR-IN...)
1 2 69.20.43.192 27357 (RACKSPACE)
4 12 104.18.36.155 13335 (CLOUDFLAR...)
3 3 34.232.28.168 14618 (AMAZON-AES)
3 3 23.61.60.237 16625 (AKAMAI-AS)
3 3 54.164.94.122 14618 (AMAZON-AES)
4 4 199.38.167.131 54312 (ROCKETFUEL)
1 2 35.186.193.173 15169 (GOOGLE)
5 34.149.135.28 396982 (GOOGLE-CL...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8.28.7.95 62713 (AS-PUBMATIC)
2 142.251.167.155 15169 (GOOGLE)
3 2600:1402:b80... 20940 (AKAMAI-ASN1)
9 9 67.202.105.24 32748 (STEADFAST)
1 1 67.202.105.33 32748 (STEADFAST)
1 67.202.105.31 32748 (STEADFAST)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
4 7 141.95.98.64 16276 (OVH)
3 5 23.105.12.137 30633 (LEASEWEB-...)
1 15 69.166.1.35 27630 (AS-XFERNET)
7 174.137.133.32 27257 (WEBAIR-IN...)
1 1 3.16.110.141 16509 (AMAZON-02)
1 1 44.207.33.114 14618 (AMAZON-AES)
1 2 18.67.76.44 16509 (AMAZON-02)
4 5 52.50.95.14 16509 (AMAZON-02)
1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 4 23.220.128.241 16625 (AKAMAI-AS)
2 3 54.158.26.120 14618 (AMAZON-AES)
1 3.128.142.77 16509 (AMAZON-02)
1 1 159.89.246.130 14061 (DIGITALOC...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 18.207.95.25 14618 (AMAZON-AES)
1 80.77.87.166 46636 (NATCOWEB)
2 2 96.46.186.57 7979 (SERVERS-COM)
12 18.232.190.217 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 151.101.66.49 54113 (FASTLY)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 173.231.178.82 32475 (SINGLEHOP...)
4 4 188.166.17.21 14061 (DIGITALOC...)
2 2 54.160.63.89 14618 (AMAZON-AES)
2 3 3.224.166.52 14618 (AMAZON-AES)
1 2 44.199.53.197 14618 (AMAZON-AES)
1 54.158.207.29 14618 (AMAZON-AES)
1 52.86.178.195 14618 (AMAZON-AES)
1 54.82.239.169 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 2001:4958:300... 577 (BACOM)
3 3 3.214.77.105 14618 (AMAZON-AES)
2 2 23.235.251.211 19437 (SS-ASH)
1 34.102.253.54 396982 (GOOGLE-CL...)
1 23.41.168.23 16625 (AKAMAI-AS)
2 2 54.204.132.40 14618 (AMAZON-AES)
6 34.117.239.71 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.104.64.149 63949 (AKAMAI-LI...)
1 3.248.0.36 16509 (AMAZON-02)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
4 4 5.161.195.128 213230 (HETZNER-C...)
1 162.19.138.120 16276 (OVH)
1 1 131.153.203.243 20454 (SSASN2)
1 1 35.227.252.103 15169 (GOOGLE)
1 1 37.157.2.228 198622 (ADFORM)
1 8.28.7.105 62713 (AS-PUBMATIC)
1 69.173.151.96 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.251.163.149 15169 (GOOGLE)
6 172.253.122.155 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
4 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 216.219.92.22 19318 (IS-AS-1)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
1 52.203.145.176 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 34.206.203.200 14618 (AMAZON-AES)
1 3.132.17.37 16509 (AMAZON-02)
1 1 15.235.42.102 16276 (OVH)
4 4 141.94.170.77 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.86.160.58 16625 (AKAMAI-AS)
1 172.253.62.154 ()
3 4 44.197.9.244 ()
1 54.210.173.88 ()
674 136
Apex Domain
Subdomains
Transfer
86 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
st.pubmatic.com — Cisco Umbrella Rank: 1169
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
ow.pubmatic.com — Cisco Umbrella Rank: 1796
128 KB
81 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
428 KB
70 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
ad.doubleclick.net — Cisco Umbrella Rank: 154
393 KB
50 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 576263
2 MB
41 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4691
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
66 KB
38 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 30945
pbc.vliplatform.com — Cisco Umbrella Rank: 81257
13 KB
32 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
90 KB
31 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
64 KB
26 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
11 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
456 KB
20 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 17259
sync.quantumdex.io — Cisco Umbrella Rank: 3327
7 KB
19 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1987
sync.go.sonobi.com — Cisco Umbrella Rank: 931
25 KB
18 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1715
11 KB
18 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
7 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
14 KB
16 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4214
buttons-config.sharethis.com — Cisco Umbrella Rank: 4712
l.sharethis.com — Cisco Umbrella Rank: 4359
t.sharethis.com — Cisco Umbrella Rank: 6925
sync.sharethis.com — Cisco Umbrella Rank: 3042
pd.sharethis.com — Cisco Umbrella Rank: 13053
65 KB
15 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
events-ssc.33across.com — Cisco Umbrella Rank: 1543
6 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
6 KB
14 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
6 KB
12 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
6 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
8 KB
12 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10357
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6263
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
26 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
3 KB
12 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
u.4dex.io — Cisco Umbrella Rank: 3505
30 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
7 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
9 KB
10 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4850
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
33across-match.dotomi.com — Cisco Umbrella Rank: 3517
inmobi-match.dotomi.com
3 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
48 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
773 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
4 KB
7 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
9 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
4 KB
7 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 35568
assets.vlitag.com — Cisco Umbrella Rank: 44068
357 KB
6 rtbserve.io
rtb-useast.rtbserve.io — Cisco Umbrella Rank: 18717
4 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
rtb.openx.net — Cisco Umbrella Rank: 695
2 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
3 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 22680
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
6 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 xaprio.net
win-rtb2-useast.xaprio.net — Cisco Umbrella Rank: 83483
rtb2-useast.xaprio.net — Cisco Umbrella Rank: 14036
1 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
5 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 19277
2 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
2 KB
4 affec.tv
map.go.affec.tv
3 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
4 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2315
1 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
2 KB
4 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
2 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
stags.bluekai.com — Cisco Umbrella Rank: 921
1 KB
4 rtbrain.app
cdn.rtbrain.app — Cisco Umbrella Rank: 10872
638 KB
4 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2969
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
240 KB
4 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
api.intentiq.com — Cisco Umbrella Rank: 1400
4 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
917 B
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
316 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
3 KB
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 506
p.typekit.net — Cisco Umbrella Rank: 621
43 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
3 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
match.360yield.com
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
671 B
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
2 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1596
loada.exelator.com — Cisco Umbrella Rank: 31419
3 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
257 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 wp.com
i0.wp.com — Cisco Umbrella Rank: 3823
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
6 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3274
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
882 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4332
643 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
2 pippio.com
pippio.com — Cisco Umbrella Rank: 988
883 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4178
1 KB
2 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3558
1 KB
2 googlevideo.com
rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com — Cisco Umbrella Rank: 629260
895 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
967 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
1011 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
765 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1605
hde.tynt.com — Cisco Umbrella Rank: 4166
3 KB
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6637
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
936 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2401
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
956 B
2 quantumsyndication.com
quantumsyndication.com — Cisco Umbrella Rank: 53988
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
680 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
62 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
105 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
11 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
558 B
1 d41.co
api5137.d41.co
770 B
1 googleadservices.com
www.googleadservices.com
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5990
16 KB
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
356 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1570
110 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
586 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
279 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5792
407 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
363 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
437 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
674 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 691
613 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
287 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
359 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
338 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
3 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
541 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2175
375 B
1 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 2948
51 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 3038
184 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
429 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513 Failed
538 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13528
520 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875
461 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2013
428 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
557 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
47 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9133
409 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 avct.cloud Failed
ads.avct.cloud Failed
0 semasio.net Failed
uipglob.semasio.net — Cisco Umbrella Rank: 1222 Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 extend.tv Failed
sync.extend.tv Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
674 147
Domain Requested by
57 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
imasdk.googleapis.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
cdn.jsdelivr.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
50 securityaffairs.com securityaffairs.com
38 cm.g.doubleclick.net 20 redirects onetag-sys.com
securityaffairs.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
eb2.3lift.com
37 px.vliplatform.com securityaffairs.com
cdn.jsdelivr.net
31 onetag-sys.com 3 redirects assets.vlitag.com
securityaffairs.com
onetag-sys.com
ads.pubmatic.com
sync.quantumdex.io
cs-server-s2s.yellowblue.io
26 x.bidswitch.net 24 redirects onetag-sys.com
24 simage2.pubmatic.com 11 redirects ads.pubmatic.com
23 image8.pubmatic.com 19 redirects onetag-sys.com
ads.pubmatic.com
23 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
onetag-sys.com
s.amazon-adsystem.com
securityaffairs.com
ads.pubmatic.com
ce.lijit.com
ssum-sec.casalemedia.com
22 s0.2mdn.net imasdk.googleapis.com
securityaffairs.com
s0.2mdn.net
17 pixel.rubiconproject.com 7 redirects onetag-sys.com
securityaffairs.com
16 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
onetag-sys.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
sync.adkernel.com
ads.pubmatic.com
16 prebid.a-mo.net assets.vlitag.com
securityaffairs.com
15 sync.go.sonobi.com 1 redirects securityaffairs.com
15 ib.adnxs.com 12 redirects securityaffairs.com
eb2.3lift.com
15 match.adsrvr.org 15 redirects
14 tpc.googlesyndication.com 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
securityaffairs.com
imasdk.googleapis.com
tpc.googlesyndication.com
s0.2mdn.net
14 eb2.3lift.com 6 redirects ads.pubmatic.com
sync.quantumdex.io
eb2.3lift.com
14 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.jsdelivr.net
securityaffairs.com
12 image2.pubmatic.com 6 redirects ads.pubmatic.com
11 ups.analytics.yahoo.com 10 redirects assets.a-mo.net
10 pixel.tapad.com 5 redirects securityaffairs.com
ads.pubmatic.com
10 sync.1rx.io 10 redirects
10 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
securityaffairs.com
www.googletagservices.com
9 ssc-cms.33across.com 9 redirects
8 cs-server-s2s.yellowblue.io sync.quantumdex.io
ads.pubmatic.com
cs-server-s2s.yellowblue.io
8 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 csi.gstatic.com imasdk.googleapis.com
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
securityaffairs.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
assets.vlitag.com
sync.quantumdex.io
hde.tynt.com
sync.adkernel.com
8 match.prod.bidr.io 8 redirects
8 u.4dex.io onetag-sys.com
securityaffairs.com
hde.tynt.com
ads.pubmatic.com
8 sync.sharethis.com securityaffairs.com
7 sync.adkernel.com securityaffairs.com
sync.quantumdex.io
sync.adkernel.com
7 id5-sync.com 4 redirects assets.vlitag.com
securityaffairs.com
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
securityaffairs.com
ce.lijit.com
7 imasdk.googleapis.com services.vlitag.com
imasdk.googleapis.com
securityaffairs.com
6 ade.googlesyndication.com securityaffairs.com
6 events-ssc.33across.com hde.tynt.com
ads.pubmatic.com
6 rtb-useast.rtbserve.io imasdk.googleapis.com
securityaffairs.com
6 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 um.simpli.fi 6 redirects
6 eus.rubiconproject.com securityaffairs.com
eus.rubiconproject.com
hde.tynt.com
cs-server-s2s.yellowblue.io
5 a.audrte.com 4 redirects securityaffairs.com
5 rtb-csync.smartadserver.com 3 redirects securityaffairs.com
5 g.bidbrain.app securityaffairs.com
5 c1.adform.net 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 image6.pubmatic.com ads.pubmatic.com
4 map.go.affec.tv 3 redirects securityaffairs.com
4 pixel.onaudience.com 4 redirects
4 rtb2-useast.xaprio.net securityaffairs.com
4 sync-dmp.mobtrakk.com 4 redirects
4 cs.yellowblue.io cs-server-s2s.yellowblue.io
onetag-sys.com
4 match.adsby.bidtheatre.com 4 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 cdn.rtbrain.app 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
4 dis.criteo.com 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
ads.pubmatic.com
eb2.3lift.com
ssum-sec.casalemedia.com
4 bh.contextweb.com 4 redirects
4 www.googletagservices.com 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
securityaffairs.com
s0.2mdn.net
4 match.sharethrough.com 2 redirects securityaffairs.com
4 image4.pubmatic.com 1 redirects onetag-sys.com
ads.pubmatic.com
4 sync.targeting.unrulymedia.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 bidder.criteo.com assets.vlitag.com
4 useast.quantumdex.io assets.vlitag.com
4 apex.go.sonobi.com assets.vlitag.com
4 prebid-asia.creativecdn.com assets.vlitag.com
4 hbopenbid.pubmatic.com assets.vlitag.com
4 idsync.rlcdn.com 3 redirects ads.pubmatic.com
4 ps.eyeota.net 3 redirects securityaffairs.com
4 services.vlitag.com securityaffairs.com
services.vlitag.com
4 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
3 i.liadm.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 dpm.demdex.net 2 redirects securityaffairs.com
3 tags.bluekai.com 1 redirects securityaffairs.com
tags.bkrtx.com
3 us-u.openx.net 2 redirects ads.pubmatic.com
3 p.rfihub.com 3 redirects
3 pubads.g.doubleclick.net imasdk.googleapis.com
securityaffairs.com
3 sync.srv.stackadapt.com 3 redirects
3 px.owneriq.net 3 redirects
3 sync.crwdcntrl.net 2 redirects securityaffairs.com
3 pixel-sync.sitescout.com 3 redirects
3 px.ads.linkedin.com securityaffairs.com
eb2.3lift.com
3 ad.turn.com 3 redirects
3 ap.lijit.com 3 redirects
3 pixel-us-east.rubiconproject.com 2 redirects s.amazon-adsystem.com
3 sync.outbrain.com 3 redirects
3 csync.loopme.me 3 redirects
3 s.ad.smaato.net 2 redirects securityaffairs.com
3 ssbsync-global.smartadserver.com 3 redirects
3 ads.stickyadstv.com 3 redirects
3 sync.mathtag.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 prg-apac.smartadserver.com assets.vlitag.com
3 bcp.crwdcntrl.net 2 redirects ads.pubmatic.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 assets.vlitag.com services.vlitag.com
securityaffairs.com
3 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 inmobi-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects securityaffairs.com
2 www.youtube.com securityaffairs.com
2 ad.doubleclick.net 1 redirects securityaffairs.com
2 pippio.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 t.pswec.com 2 redirects
2 server.cpmstar.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com securityaffairs.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com sync.quantumdex.io
ssum-sec.casalemedia.com
2 ads.betweendigital.com 2 redirects
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 secure.adnxs.com 2 redirects
2 creativecdn.com 2 redirects
2 api.intentiq.com 1 redirects securityaffairs.com
2 mug.criteo.com securityaffairs.com
2 gum.criteo.com 1 redirects
2 use.typekit.net s0.2mdn.net
use.typekit.net
2 googleads4.g.doubleclick.net securityaffairs.com
2 ice.360yield.com 2 redirects
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
2 www.google.com 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
securityaffairs.com
2 quantumsyndication.com imasdk.googleapis.com
securityaffairs.com
2 sync.ipredictive.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 u.openx.net 2 redirects
2 trace.mediago.io 2 redirects
2 static.criteo.net assets.vlitag.com
static.criteo.net
2 pixel-eu.rubiconproject.com 2 redirects
2 i.clean.gg cadmus.script.ac
2 mp.4dex.io assets.vlitag.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 cdn.jsdelivr.net assets.vlitag.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
2 ml314.com 1 redirects securityaffairs.com
2 loadus.exelator.com 2 redirects
2 l.sharethis.com 1 redirects securityaffairs.com
2 fonts.googleapis.com securityaffairs.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
1 api5137.d41.co securityaffairs.com
1 match.360yield.com 1 redirects
1 www.googleadservices.com securityaffairs.com
1 stags.bluekai.com 1 redirects
1 tags.bkrtx.com pd.sharethis.com
1 mwzeom.zeotap.com securityaffairs.com
1 spl.zeotap.com 1 redirects
1 loada.exelator.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 pd.sharethis.com t.sharethis.com
1 i6.liadm.com securityaffairs.com
1 bpi.rtactivate.com securityaffairs.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 inv-nets.admixer.net 1 redirects
1 win-rtb2-useast.xaprio.net securityaffairs.com
1 prebid-server.rubiconproject.com securityaffairs.com
1 ow.pubmatic.com securityaffairs.com
1 ssum.casalemedia.com 1 redirects
1 cm.adform.net 1 redirects
1 rtb.openx.net 1 redirects
1 lb.eu-1-id5-sync.com assets.vlitag.com
1 tags.rd.linksynergy.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 contextual.media.net cs-server-s2s.yellowblue.io
1 ads.playground.xyz cs-server-s2s.yellowblue.io
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ads.pubmatic.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 cs.admanmedia.com sync.quantumdex.io
1 ssp.disqus.com 1 redirects
1 e.serverbid.com 1 redirects
1 x.videobyte.com securityaffairs.com
1 d.turn.com securityaffairs.com
1 dmp.adform.net 1 redirects
1 nep.advangelists.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 id.a-mx.com assets.vlitag.com
1 p.typekit.net use.typekit.net
1 hde.tynt.com securityaffairs.com
1 de.tynt.com 1 redirects
1 st.pubmatic.com 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
1 ius.ctnsnet.com 1 redirects
1 a.rfihub.com 1 redirects
1 im.bluevoox.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 sync1.intentiq.com securityaffairs.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com securityaffairs.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 pbc.vliplatform.com assets.vlitag.com
1 cadmus.script.ac script.4dex.io
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cms.analytics.yahoo.com 1 redirects
1 www.google.ca securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 fonts.gstatic.com fonts.googleapis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.com
1 i0.wp.com securityaffairs.com
1 platform-api.sharethis.com securityaffairs.com
0 global.ib-ibi.com Failed securityaffairs.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 ads.avct.cloud Failed ads.pubmatic.com
0 uipglob.semasio.net Failed securityaffairs.com
0 ssl-market-east.smrtb.com Failed securityaffairs.com
0 match.bnmla.com Failed securityaffairs.com
0 sync.extend.tv Failed 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
0 cs.krushmedia.com Failed ce.lijit.com
674 232

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.sumologic.com
infosec.exchange
www.linkedin.com
securityaffairs.co
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5
2023-10-18 -
2024-01-16
3 months crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
vlitag.com
GTS CA 1P5
2023-09-28 -
2023-12-27
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
cert1-prod.aut.a24365.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google.ca
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-01 -
2024-07-31
a year crt.sh
*.a-mo.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
script.ac
E1
2023-10-31 -
2024-01-29
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
i.clean.gg
GTS CA 1D4
2023-09-17 -
2023-12-16
3 months crt.sh
u.4dex.io
GTS CA 1D4
2023-10-22 -
2024-01-20
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
quantumsyndication.com
GTS CA 1P5
2023-10-08 -
2024-01-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.rtbserve.io
Sectigo RSA Domain Validation Secure Server CA
2023-02-07 -
2024-03-08
a year crt.sh
*.bidbrain.app
R3
2023-08-30 -
2023-11-28
3 months crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3
2023-10-19 -
2024-10-18
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1
2023-03-22 -
2024-03-31
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.videobyte.com
Amazon RSA 2048 M02
2023-10-25 -
2024-11-22
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02
2023-04-18 -
2024-05-16
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02
2023-03-31 -
2024-04-28
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01
2022-11-10 -
2023-12-09
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.googlevideo.com
GTS CA 1C3
2023-10-10 -
2023-12-19
2 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-11-03 -
2024-05-03
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-02-09 -
2024-02-13
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-09-17
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.xaprio.net
Sectigo RSA Domain Validation Secure Server CA
2023-02-14 -
2024-02-14
a year crt.sh
truffle.bid
R3
2023-10-24 -
2024-01-22
3 months crt.sh
*.iprom.net
R3
2023-08-16 -
2023-11-14
3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
events-ssc.33across.com
GTS CA 1D4
2023-10-25 -
2024-01-23
3 months crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-18 -
2024-01-17
a year crt.sh
*.d41.co
DigiCert TLS RSA SHA256 2020 CA1
2023-02-21 -
2024-03-05
a year crt.sh

This page contains 91 frames:

Primary Page: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Frame ID: 606242014A628CF7723DA3B9CDCE45AA
Requests: 215 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html
Frame ID: FE997009D9D08FDA93C7ACEB8BFFA2AC
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B
Frame ID: 87048C0E7F9E06F29A3FF52389C0EDFD
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23364/a/CA/t_.js?cid=c010&cls=B
Frame ID: CC518C8CC37078C1F1A1832DC72ABDB6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1699548097&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699548097146&bpp=6&bdt=1046&idt=560&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5015548753147&frm=20&pv=2&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079347%2C44807460%2C31078297%2C44808149&oid=2&pvsid=3334696842036870&tmod=263354514&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=597
Frame ID: 4D1BA164835663B87DF06C308A08052D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 4FBA1E837F432BB85AB849ECD3D7C2EF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C239A108B695301E595B48BF5AE71CE3
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: E6EC4B5557464EED35B9DD6F259DBF0E
Requests: 20 HTTP requests in this frame

Frame: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6F859FFA79CB2397786C8822B826F17
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: AC8712132039CBA0AE66C9C2C3343065
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 032F4599D4B0A0915B0E27CEAE1D553B
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1652812984930789700&gdpr=0&gdpr_consent=
Frame ID: 2160F8D9C9253D9093AE3E89B713F49D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHkPcm_Xh5DQM5kAkvAAAAAAA&expiration=1699634499&is_secure=true
Frame ID: 75724DF77C5908CAD7CD10A178F9A73B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 33B98498F3508BCEED63316CDF9C77E4
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2572705412202874115175
Frame ID: 488B7775B14A03396E33F881772F138A
Requests: 1 HTTP requests in this frame

Frame: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CAD61426AF47F31799CFE847C26F5E33
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 98408EC9264B6880D105D1394A8BCF8F
Requests: 48 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1DD83EC9C0519853D2AC739ABD7D4F17
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A26014D72E3FA701100EB5955FB8A619
Requests: 11 HTTP requests in this frame

Frame: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0488C785A6B29B5E1412273596796270
Requests: 14 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
Frame ID: 46075D70F207049C5CADBB96781F781A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: 4CC9FEAA60C05A7CF198D9C0B9F6015A
Requests: 1 HTTP requests in this frame

Frame: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ECD1F2B420FC29473F673CE564559CF6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 116AB7A5EB449E6562BC851622274564
Requests: 9 HTTP requests in this frame

Frame: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3418BAEC5A4DC2A34AFC807A43D68FDC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Frame ID: CFD43986059274757B7023E14F1E4A8F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5BF53286117E166F2B2C37DA03DBFEC7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Frame ID: 681EFB5C9F51753C799657B6DB76EEC6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5D986C3FF66CBB1AFD592C3AE4D40012
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 12ABAF35D2047300C447EBC14EAEAC0E
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5A82CCECA5307DBCEC355BB5C97B5C4B
Requests: 2 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=1059878&adId=5091258&imprId=EA01804F-6C2C-4A2B-B806-B7FEF4D3F8D0&cksum=7F13516B7663CDC9&adType=10&adServerId=243&kefact=0.150000&kaxefact=0.150000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1699548098&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.150000&dcId=2&tldId=0&passback=0&svr=BIDNYC30095TB&adsver=_3141725595&adsabzcid=1&cls=BID&i0=0x2100000000000000&ekefact=wgtNZYSQBwDw_6nIpiFywsWkC_elRYRgk-RQO0GBWZTIAzCV&ekaxefact=wgtNZZaQBwAYkJ1UYUuKwQPnCgHatAOT_Vj0qYvJxaskyHla&ekpbmtpfact=wgtNZaOQBwBoxxocT_okDYryLv7aAHnokmvM8otkC7y-CMgH&enpp=wgtNZbCQBwCiq86sj_XEhMGBJ4iRgJwQJ7iT2HOvhk8_0i5R&pfi=1&domId=8222502327166973060&dc=NYC3&pubBuyId=18157&crID=499828858&lpu=vrbo.com&ucrid=915826724183998974&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1530931&wDspId=80&wbId=2&wrId=2610456&wAdvID=7607&wDspCampId=44285497&isRTB=1&rtbId=BA53D2E0-4AC1-454C-8FA0-1FD74325D264B&ver=11&dateHr=2023110916&usrgen=2&usryob=0&layeringebl=1&oid=EA01804F-6C2C-4A2B-B806-B7FEF4D3F8D0&cntryId=40&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Frame ID: DFEC3E17625F28B8499FE14C4C26CC3C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F942215532B51C9784466341181E8128
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5A63F0C7DA4336381FACE5778307202D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Frame ID: A9EBE4CBAB67D9787C4BB45784291091
Requests: 24 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 9CF40F9103A54EAFDCAE336756662160
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 064424C5F50FF34E2BEF69C4DAAB5C01
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: ABB72F141655A9D1743004FB835DE115
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 08D3A91C9008FEE008E9595B1A5CBC19
Requests: 14 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A99AEF65B4E169388708C648E8E32A20
Requests: 18 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1699548098344
Frame ID: 71FD0C8F512998B868BACD356E8B75C9
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: D2AE006B57019673EE029DB42692276E
Requests: 8 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: CBBBE8215D6725DAA8241104EDF3FE55
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1495519988467371757
Frame ID: 656CF38AC056A9222E3CB2D4EF6FDB7E
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A4725246502857968126
Frame ID: 69FC2F17BD7BA1959735A7F961B43A91
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A907824279182366546
Frame ID: F8CE147D7AB5C51356DD0AFE04347C6E
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 4B837B1E6785A97F7AECBADC048C528C
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: D57827A81E741B53EBECDC5D505823B0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6910DB91D5863CA1D826B77EC4783F10
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FDD0E1DC3F3120213FBE44D7D2A8A57B
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 27A57DD3CEA41541120CDC4C5324CED8
Requests: 5 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A3553369894007549913
Frame ID: 7E345CFDF024EA7248DEC91AB5C5D161
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1E7B84FAF51E4323DF395AF8A4FAC066
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZk07KmhgAABRwTZiIEg&gdpr=0&gdpr_consent=
Frame ID: 640DCE7F45A70A4D02C88D2A4C60F72E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8365386662731688929&gdpr=0&gdpr_consent=
Frame ID: 7334D2AFB0CB798A34FBBD0EF4200BEE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZU0LxgAAAD32KAAj
Frame ID: 6F26CDD44A61614402F33A4E6B6BE3A7
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1724E929669549A1AA5F8EC2DAD0A0BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f834df05-11bc-41e4-98eb-79c0baa615d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: E0F277137C047FAB2A4B321BC1859272
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
Frame ID: 8E2B6F867A8F443F0A7E2FA4FB5B0A51
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2623020820975271758
Frame ID: 8EEC68B41E2AD01AFBAFF1F8F74B75DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
Frame ID: 1A3DA4891262D422C90AF968CCD38046
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&gdpr=0&gdpr_consent=
Frame ID: 01BC811C66A18AA16DB3DE8342C68EEC
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: 1CEA42E3FCB8D4C82D1F9F0BAD0B8BB8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CFEFCC26782CFEF8295DDA789BBE6817
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: 07D0F07B86A966CB97AA6C6DC67CD275
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: FF9D07AEAAA94589DC3CD33AFE3CE5FF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 20980C44C7FD56F151307F4A2B94902A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 764E724ECD04AC9EAA0BCF3D9CB0ED0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Frame ID: B350FE338B01CC6F899646D15F46A957
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: CF6AA4077606082176C6BBBE7BF288EC
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 8F71D939F034091EB4F0BA9D72C67D7A
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C986CFDE4948758FD661D9D2A50E1541
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda6fd0de5ce44fb5a1c37258e99bf261
Frame ID: F87BE16A2B3E3C832A8345D1180553DA
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: A822DD32C9C2B3BFE4088E0AD6085339
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:303e804a-c1c3-4f97-abcf-bb9b472f6ca6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: C98163BF1ADA9B181A8ECC97FBF64D37
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=850249877883
Frame ID: F750B666A2FD5100B0C55B337DC76137
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FE284C53573D890864A2152AA1803701
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 44144854C66E2B9FCD82FC4630E8F3F7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yQaVZ-o2CWyyfmRuxwtNZQ
Frame ID: 58A4C9AEFBD594CA11BEF108D82E1253
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:56905816-2296-421c-bdf8-945f6a57ed71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: D509D43F5BB0A2C52089A5665BE16C3F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: B04F1EFB987791625ADAD6B545AEAA71
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 9534FF60AE2780B8758B6741DE00468A
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Frame ID: 0CD4FA16930DC81BA73BF0FDAD423EF7
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1628CC554876969F8A53F76C9CB1D0FA
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 11B92183C42488843F2821A21F941550
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7528345012076470423P
Frame ID: C509B94585306929D57195240EF54064
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B&gdpr=0&gdpr_consent=
Frame ID: 3AFD19B369F3E9486A0BD031DC9CCF8B
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: 4A5E4CA368A1338E92A87626303A1E3A
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=28C0E945-35F4-407E-84C4-B03C0320B0C6
Frame ID: 59C2D5F0F632C81976A5AD0414F9E7EF
Requests: 1 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 2763DD2CE9E3B7B035109143C9142C5B
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Frame ID: 172B8C3047FB5132EDFC12F3C2E27B5C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sumo Logic discloses security breach

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

674
Requests

73 %
HTTPS

26 %
IPv6

147
Domains

232
Subdomains

136
IPs

13
Countries

6921 kB
Transfer

16867 kB
Size

321
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sumo%20Logic%20discloses%20security%20breach&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Security%20firm%20Sumo%20Logic%20disclosed%20a%20security%20breach%20after%20discovering%20the%20compromise%20of%20its%20AWS%20account%20compromised%20last%20week.&ua=&ua_mobile=false&ua_full_version_list=&uuid=f1eee906-fc36-46bf-a163-f159c67d24a9 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sumo%20Logic%20discloses%20security%20breach&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Security%20firm%20Sumo%20Logic%20disclosed%20a%20security%20breach%20after%20discovering%20the%20compromise%20of%20its%20AWS%20account%20compromised%20last%20week.&ua=&ua_mobile=false&ua_full_version_list=&uuid=f1eee906-fc36-46bf-a163-f159c67d24a9&samesite=None
Request Chain 85
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=0a8bdb63816d824d9240fe8dd61ce4fb
Request Chain 86
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/int/lotame?uid=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0&gdpr_consent=
Request Chain 87
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2MNXUYCfzH_FuQON2TXJkNZqCVgu2Wnjj8OIsUgXciBQ&gdpr=0&gdpr_consent=
Request Chain 88
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Request Chain 89
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://sync.sharethis.com/yahoo?uid=y-VPPkNsZE2oOQ9gNzONTkYdZnNA10r9a7wEY-~A&gdpr=0
Request Chain 90
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639818809408749569 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzOTgxODgwOTQwODc0OTU2ORAAGg0Iwpe0qgYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=9d4b6434819abffc2748a08d3b7c3296e52105e9ceb5d1972a1fc73e8bedb241f4cb09cee1a4f8eb&person_id=3639818809408749569&eid=50082
Request Chain 150
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 152
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 156
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent=
Request Chain 157
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LORF225Y-A-HXS7&gdpr=0
Request Chain 158
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
Request Chain 159
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Request Chain 161
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi7T18FbT_8EHA1mjkbDDeRl73rhbILRaTw
Request Chain 162
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
Request Chain 163
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg
Request Chain 164
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhDMEU5NDUtMzVGNC00MDdFLTg0QzQtQjAzQzAzMjBCMEM2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGRnALehH-dT7L_9q3qe3lo&google_cver=1
Request Chain 166
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Request Chain 168
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&google_hm=Y2UzOTg4ZTYtNTIxYy00ZTlhLTg4ZTUtYmIzOWZiMDFkYTBi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFBCLp9uNt9Bx70uiAfhk-g&google_cver=1&ssp=onetag&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 190
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ee30eb1cd0
Request Chain 191
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Request Chain 192
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e
Request Chain 193
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=D49FE6139CB34124B84DD67D7B3FB79B&ex=simpli.fi&status=ok
Request Chain 194
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=4df39c491145063d28hxwf00lorf22bg
Request Chain 195
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAEZk07KmhgAABRwTZiIEg&ex=beeswax.com
Request Chain 196
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=i2bMDCOzHBwHsbVY-aO-&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3Desok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3Desok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&uid=8b36e617-f641-4673-a1a6-04b2d9a459ae HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=appnexus&uid=$UID&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=appnexus&uid=8365386662731688929&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=15268&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Request Chain 198
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1652812984930789700&gdpr=0&gdpr_consent=
Request Chain 199
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3b67c0e70390154c&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHkPcm_Xh5DQM5kAkvAAAAAAA&expiration=1699634499&is_secure=true
Request Chain 200
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 201
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2572705412202874115175
Request Chain 212
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LORF21YV-1G-7I30 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Request Chain 213
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1699548099924 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6034495754 HTTP 302
  • https://sync.1rx.io/usersync/turn/2513037740847063967?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Request Chain 215
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zPYvhfCNwmFd7YYoylXFKG3l2nXvoZBgm2uk3g0SLaw
Request Chain 216
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LORF21YV-1G-7I30&gdpr=0
Request Chain 217
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
Request Chain 218
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Request Chain 220
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
Request Chain 221
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUymJQU746oAD7lmsrnmfA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Request Chain 222
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d389a46b-20c1-48eb-a0d8-84e096eb65fb&ssp=onetag&gdpr=0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 226
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=&expires=30
Request Chain 227
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dUNktMYxWersky7jiUySY8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.N2s4lE2oKAyN63S5h29e7H6KO3FAYlEYl1CA--~A
Request Chain 228
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u9IsAgEPR_iuSNnBfdjnjA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u9IsAgEPR_iuSNnBfdjnjA
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1ODgyMzJjZDQ0MTRkNzNiOTk0ZDg5YjRjYjkzNWJiOTExZjQ2OA
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFGrSTBUkD4uASaoMzMj2_M&google_cver=1
Request Chain 232
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9SRjIxWVYtMUctN0kzMA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNTc0Lg5FZcewYMyqG_Vpo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRjIxWVYtMUctN0kzMA==&google_push=
Request Chain 233
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORF21YV-1G-7I30
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEZk07KmhgAABRwTZiIEg&expires=30
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORF21YV-1G-7I30
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Request Chain 237
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORF21YV-1G-7I30
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LORF21YV-1G-7I30
Request Chain 239
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5e872b9c-c8d1-475f-a771-4666c6760cd7&expires=30
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LORF21YV-1G-7I30
Request Chain 241
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LORF21YV-1G-7I30 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30&ckls=true&ci=teeZip6z5J&nc=false&trid=1620051571
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KMDpRTX0QH6ExLA8AyCwxg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 254
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28C0E945-35F4-407E-84C4-B03C0320B0C6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28C0E945-35F4-407E-84C4-B03C0320B0C6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0633bcd8-fc67-447d-af38-f03f3b151a77&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUymJQU746oAD7lmsrnmfA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 258
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
Request Chain 259
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Request Chain 260
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Request Chain 277
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=
Request Chain 278
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HoNphPZHfo40qwB1T-6mCZeS&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:dc7914dfee66b4b74964e8031de2b30d
Request Chain 279
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=b8hXQzY7XWqJ&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 281
  • https://um.simpli.fi/lj_match?r=1699548099861&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=D49FE6139CB34124B84DD67D7B3FB79B
Request Chain 283
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=1&google_push=AXcoOmRQ3oDgGlgXiNI9Z5jg1fiQII34Cc3L9NzKaFVwuR3QSIyqkQsRBJ94_dG5J26SMxV3FTZfjr6Xrj03uNt4iI7_EHnXGe4D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzkyM2I3YzEtNWY0Yy00MDg3LWI4NjAtYjZmMjQyYjQyMTdk&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=1&google_push=AXcoOmRQ3oDgGlgXiNI9Z5jg1fiQII34Cc3L9NzKaFVwuR3QSIyqkQsRBJ94_dG5J26SMxV3FTZfjr6Xrj03uNt4iI7_EHnXGe4D
Request Chain 285
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBaGyIodTx6fqNpGL-PT6kI&google_cver=1&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERcjbLlhI6SvCW1lseLmo9b HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBaGyIodTx6fqNpGL-PT6kI&google_cver=1&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERcjbLlhI6SvCW1lseLmo9b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxOTE2MDc1NDc1NzU0Mzcw&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERcjbLlhI6SvCW1lseLmo9b
Request Chain 286
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEArgLqv-kq0ZFBMyZOjxYpI&google_cver=1&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAEGq_1MwAqtQRR2aXGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAEGq_1MwAqtQRR2aXGQ&google_hm=aTJiTURDT3pIQndIc2JWWS1hTy0=
Request Chain 287
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGVaBijW0Lxq00i8I7TX4v4&google_cver=1&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLIdkD_-iYt3c2y6OqR3xjgfg28PomeZoNdnHY-FpM4xxyh_2U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLIdkD_-iYt3c2y6OqR3xjgfg28PomeZoNdnHY-FpM4xxyh_2U&google_hm=QlMuZWVlYy00NThjLTRkY2MtODhlNA==
Request Chain 288
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECcUKvk_WtO9ejRemn59uzY&google_cver=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DFjoERN-j6u4OvEqB7c7Nnp2if2-Q HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECcUKvk_WtO9ejRemn59uzY&google_cver=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DFjoERN-j6u4OvEqB7c7Nnp2if2-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=04mkayDBSOug2ITglutl-w==&no_redirect=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DFjoERN-j6u4OvEqB7c7Nnp2if2-Q
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENCb56pgQwZP4GpzQfxb6Ik&google_cver=1
Request Chain 318
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=cjVVb2FyNktza0E
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&C=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU0LxIQ.p-0qjlW3xTznXgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&google_hm=2
Request Chain 322
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=c4df7e7f-62c6-4761-bf16-33e03eb65218
Request Chain 326
  • https://px.owneriq.net/ecmg?google_gid=CAESEFkB9AF-w-SkQYGVfoD9Rws&google_cver=1&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR%26google_cver%3d1%26google_gid%3dCAESEFkB9AF-w-SkQYGVfoD9Rws%26google_hm%3dUTc1MjgzNDUwMTIwNzY0NzA0MjM%3d&uid=Q7528345012076470423&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR&google_cver=1&google_gid=CAESEFkB9AF-w-SkQYGVfoD9Rws&google_hm=UTc1MjgzNDUwMTIwNzY0NzA0MjM=
Request Chain 328
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIG6vBjByyHT3sFWPsHHsCI&google_cver=1&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraFJT04GtPo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraFJT04GtPo&google_hm=eS1kWS5hTTFoRTJwSC5ITUtlNVlMOThnYU5veTZmUm1kNX5B
Request Chain 329
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEIxK8aayMDAmr26zHOvhqjw&google_cver=1&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYNbesYaw-7QrWRlgmqE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYNbesYaw-7QrWRlgmqE
Request Chain 330
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHoM2k5grpXT2qr7F7HXHIY&google_cver=1&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8WgHV0ULJ1XgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8WgHV0ULJ1XgA&google_hm=MjYyMzAyMDgyMDk3NTI3MTc1OA==
Request Chain 331
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELUsumNh8sslb66OeTGfStk&google_cver=1&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1s4KcuypalL_HG1ww71qXKhVwXFM0r5EpyeN0ZXGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1s4KcuypalL_HG1ww71qXKhVwXFM0r5EpyeN0ZXGg&google_hm=jRfd_2NdRe6mfsUlqjoiA7Y
Request Chain 332
  • https://trace.mediago.io/cs/google?google_gid=CAESEGplCXgBBnD-wkucJprP1ak&google_cver=1&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-PQAFP5_YA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-PQAFP5_YA&google_hm=4df39c491145063d28hxwf00lorf22bg
Request Chain 391
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Request Chain 392
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5178507491 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0633bcd8-fc67-447d-af38-f03f3b151a77 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Request Chain 402
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=AzCq4HxraXhxUms5a0N1UGtFbWYzVk85S3FscnY3NWVLY0JSN0p5bUh5TzlzdHZaVFlqMmF3dTc2QzR1T0ltSUZqMUlYSWdFb3NYWitnV0hJZ052THBpamtxWUVWVFhFZ0J6SXo0bEUwL2t1L0JSL2dCd1pSeDRHV05oWWk3ZzZtTS9FTFJZVE5yNS9WVGV6Y1R1NGpxdFVhcTl4SlRkK2VkTWhkRmRzMGxIdzAwYnlVQWRFNndXOGUxRDdsWG1nMm5FTUd4eVFmbG5yVExrODRwTFZneXhnZWZoaGlyQmVVV3J3MXVKQkxrbjQrcHJpZHJOK0gweUtsVjkxcmg3blZvZEVJfA&cppv=2
Request Chain 408
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1652812984930789700&gdpr=0&gdpr_consent=
Request Chain 409
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2572705412202874115175
Request Chain 410
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0633bcd8-fc67-447d-af38-f03f3b151a77&pubid=4d443a3ea2
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Request Chain 415
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2623020820975271758
Request Chain 416
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0ae73278-118f-48e2-a540-04f48fc05f21&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cUk1aUVQcWhvdlp3VmYwY0pibTUyZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEODZ_DFzMf4_k5zDtj1wVMw&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b8hXQzY7XWqJ
Request Chain 417
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=6f7d3936a1bf4aa2a53306b303f7cfb0&gdpr=0&gdpr_consent=0
Request Chain 418
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 419
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=0ae73278-118f-48e2-a540-04f48fc05f21 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D340635126&pcid=$UID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=340635126&pcid=8365386662731688929
Request Chain 420
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGQ0QkRKeGtVZjVSY3FHY2g3OEZ5M0xoZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGRkNEJESnhrVWY1UmNxR2NoNzhGeTNMaGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGRkNEJESnhrVWY1UmNxR2NoNzhGeTNMaGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGRkNEJESnhrVWY1UmNxR2NoNzhGeTNMaGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=191916075475754370&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGRkNEJESnhrVWY1UmNxR2NoNzhGeTNMaGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=dd4BDJxkUf5RcqGch78Fy3Lhg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=1652812984930789700&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 421
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=900a7312-587b-4c80-b9f1-5f394329dfc0
Request Chain 426
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=cf34NU9bylU0hAu57blx&pi=sonobi&tc=1
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MGFlNzMyNzgtMTE4Zi00OGUyLWE1NDAtMDRmNDhmYzA1ZjIx HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEK0gF6-ESvPTPwzDehHfnpc&google_cver=1
Request Chain 429
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21
Request Chain 430
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d389a46b-20c1-48eb-a0d8-84e096eb65fb
Request Chain 431
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=GhLl1WHJVBRctqE9BNKSB0YZ_7Y
Request Chain 432
  • https://id5-sync.com/s/434/9.gif?puid=0ae73278-118f-48e2-a540-04f48fc05f21&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=0ae73278-118f-48e2-a540-04f48fc05f21&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/8/2.gif?puid=3bb9e9c8-0485-4926-b486-156051b1d83a&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=0633bcd8-fc67-447d-af38-f03f3b151a77&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/5/5.gif?puid=8365386662731688929&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/4/6.gif?puid=u_cc95bf89-ecab-4cac-b993-eaf62f7cb946&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/112/3/7.gif?puid=91136523C92BA8FE&gdpr=0&gdpr_consent= HTTP 302
  • https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F987%2F2%2F8.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/434/987/2/8.gif?puid=di_bf19b4b662464003b6b1d&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAEZk07KmhgAABRwTZiIEg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTExMzY1MjNDOTJCQThGRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAHZQXMKJNuCO8E97gUEaRg&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw&google_cver=1
Request Chain 434
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=bbed91187039492fad91187039692fcc
Request Chain 435
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=191916075475754370&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 436
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8365386662731688929
Request Chain 437
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=0ae73278-118f-48e2-a540-04f48fc05f21 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3bb9e9c8-0485-4926-b486-156051b1d83a%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8365386662731688929&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Request Chain 438
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2075%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1370374581 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2075/b409654d-0bc3-4900-a46b-45ca742dc72d?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Request Chain 451
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Request Chain 452
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8365386662731688929
Request Chain 453
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ff06b7ad-b9e4-47bf-b825-73a856945536
Request Chain 454
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3b9956e3-687b-30c9-a1e9-82f1b29fa62f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjk5NTZlMy02ODdiLTMwYzktYTFlOS04MmYxYjI5ZmE2MmYQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtM2I5OTU2ZTMtNjg3Yi0zMGM5LWExZTktODJmMWIyOWZhNjJmMgIYHjgB&gdpr=&gdpr_consent=
Request Chain 455
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-3541872145299294774 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=dc6c0739-7917-5339-b4a9-2d75d1e426b3
Request Chain 456
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=ee30eb1cd0
Request Chain 457
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-55d2Z7L7yWNDtNNTC0aQHjus8D12Q0m31cFL_FIzDw
Request Chain 463
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 470
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWmswN0ttaGdBQUJSd1RaaUlFZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEZk07KmhgAABRwTZiIEg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEZk07KmhgAABRwTZiIEg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1652812984930789700&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEZk07KmhgAABRwTZiIEg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1652812984930789700%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1652812984930789700&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEZk07KmhgAABRwTZiIEg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZk07KmhgAABRwTZiIEg&gdpr=0&gdpr_consent=
Request Chain 471
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8365386662731688929&gdpr=0&gdpr_consent=
Request Chain 472
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZU0LxgAAAD32KAAj
Request Chain 474
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dce39620-7f1e-11ee-97d5-513f6ca673b5 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f834df05-11bc-41e4-98eb-79c0baa615d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 475
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
Request Chain 476
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2623020820975271758
Request Chain 477
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
Request Chain 478
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&gdpr=0&gdpr_consent=
Request Chain 479
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:n0gkqEed1R186a5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 481
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=552da1a9-f27d-4896-b9db-1e4281b89c01&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 482
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=4d4d7b4d-0a44-4555-b229-39852e0b77cd
Request Chain 487
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=478579be86c7154c&is_secure=true&networkId=17100&version=1&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHkPcm_Xh5jgMBDNpJAAAAAAA&expiration=1699634502&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
Request Chain 488
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5e872b9c-c8d1-475f-a771-4666c6760cd7&gdpr=0&gdpr_consent=
Request Chain 490
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 491
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10BE2BB19_4AAC929F&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 492
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2513037740847063967&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 501
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0633bcd8-fc67-447d-af38-f03f3b151a77&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 502
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIpTKUVGf3oxyBGg5tbvpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 504
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D
Request Chain 506
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2572705412202874115175?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-p2ORr_lE2oTWxRH7rdCWdE8MiYEhDBNLVshS9mQVPw--~A&dongle=0883
Request Chain 507
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2572705412202874115175&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=2afc7f67-f499-4f23-8453-7e553b2ee1ba&ssp=triplelift&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 509
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8365386662731688929&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 517
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0633bcd8-fc67-447d-af38-f03f3b151a77&expiration=1702140102&gdpr=0&gdpr_consent=
Request Chain 518
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK5Q7gXSBim8ojGD7wnapys&google_cver=1
Request Chain 519
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=91d8a00c5ce6462d8c000695962c8d92 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 520
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e8225a1b09410fc&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGtcNUQFpBiAMWowurAAAAAAA&expiration=1699634502&is_secure=true
Request Chain 521
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
Request Chain 522
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2513037740847063967
Request Chain 523
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2623020820975271758
Request Chain 525
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A907824279182366546 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dxapads%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=xapads&user_id=spxBppBCpb5ivp1qyXkO0 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Request Chain 526
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212338249209002
Request Chain 527
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e&gdpr_consent=null&gdpr=0
Request Chain 528
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d327d386-5e40-46ca-898e-0a8d40b64ac6
Request Chain 529
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Request Chain 530
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Request Chain 531
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=fdbde610-14c4-4eb2-9ed5-09e4990f6e69
Request Chain 532
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 534
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=ff06b7ad-b9e4-47bf-b825-73a856945536&gdpr=0
Request Chain 535
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8365386662731688929&gdpr=0&gdpr_consent=
Request Chain 537
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 538
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1699548102453.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 539
  • https://ssc-cms.33across.com/ps/?_=1699548102453.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=212338249209002
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=7af2fbb0-cbdc-4d5f-87a7-5370182b1bef&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 541
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8%7EA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 542
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=13fcc3e201d154c&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&expiration=1699634502&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 543
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2572705412202874115175 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2572705412202874115175&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 546
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 550
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 551
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda6fd0de5ce44fb5a1c37258e99bf261
Request Chain 553
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:i2bMDCOzHBwHsbVY-aO-&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:303e804a-c1c3-4f97-abcf-bb9b472f6ca6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 554
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=850249877883
Request Chain 555
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 557
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yQaVZ-o2CWyyfmRuxwtNZQ
Request Chain 558
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:56905816-2296-421c-bdf8-945f6a57ed71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 561
  • https://idsync.rlcdn.com/712188.gif?partner_uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=764bfae0860f484aebdf2b17318d1ec1b79c8ebff6e3f619205685e85ae368c5791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3NjRiZmFlMDg2MGY0ODRhZWJkZjJiMTczMThkMWVjMWI3OWM4ZWJmZjZlM2Y2MTkyMDU2ODVlODVhZTM2OGM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIx5e0qgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3NjRiZmFlMDg2MGY0ODRhZWJkZjJiMTczMThkMWVjMWI3OWM4ZWJmZjZlM2Y2MTkyMDU2ODVlODVhZTM2OGM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIx5e0qgYSBAgCEABCAEoA&google_gid=CAESEOEWPG6QX1h_gPItxcCgtEY&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=84187463-519e-4791-a3b8-fcd00d6b7bb1
Request Chain 564
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b1d78ee9-0178-47b2-bb40-1af566d0ac6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 565
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A3553369894007549913 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=xapads&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=xapads&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NDBhNTQxNGU5MjI0MWJmMQ&gdpr=&gdpr_consent=&us_privacy=&ssp=xapads&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Request Chain 568
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 569
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Donetag%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=dbonR-K7Z58xwq5EcR6S0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 575
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=788d08ca-a4be-40a6-a62a-6061d2bde9eb&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NzAxNTU3ZDVhMTYzMjFiOA&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 576
  • https://ups.analytics.yahoo.com/ups/58570/occ?&gdpr=0&us_privacy=1---&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A&gdpr=0
Request Chain 577
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=amx_com&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
Request Chain 578
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=openx&uid=02f940df-3030-4866-a945-960ae0445c08
Request Chain 579
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=adform&uid=191916075475754370
Request Chain 580
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=smartadserver&uid=1652812984930789700
Request Chain 581
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D788d08ca-a4be-40a6-a62a-6061d2bde9eb%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dpubmatic%26uid%3D28C0E945-35F4-407E-84C4-B03C0320B0C6&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 582
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=index_rtb&uid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452
Request Chain 583
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Request Chain 584
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=appnexus&uid=8365386662731688929
Request Chain 594
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LORF21YV-1G-7I30 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LORF21YV-1G-7I30 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LORF21YV-1G-7I30&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 596
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LORF21YV-1G-7I30 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LORF21YV-1G-7I30
Request Chain 602
  • https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=17574518252748544294;dc_av=66056;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_pre=CJr-gIiut4IDFSYPaAgdLT8PPw;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=17574518252748544294;dc_av=66056;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23
Request Chain 623
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005&rndcb=1573359014 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3Dce3988e6-521c-4e9a-88e5-bb39fb01da0b%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0b5b6b35040144cba5d04f524df09a01&ssp=adconductor&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ce3988e6-521c-4e9a-88e5-bb39fb01da0b?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Request Chain 626
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7528345012076470423P
Request Chain 627
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B&gdpr=0&gdpr_consent=
Request Chain 630
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6 HTTP 303
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 632
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=ddf71cd1-7f1e-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6
Request Chain 642
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/adnxs?uid=8365386662731688929&gdpr=0&gdpr_consent=
Request Chain 644
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZHeACGVNC8AAAAAIDkNZAw%3D%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3bb9e9c8-0485-4926-b486-156051b1d83a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D3bb9e9c8-0485-4926-b486-156051b1d83a%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=16812333711407351530746346095360530410&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Request Chain 645
  • https://ws.rqtrk.eu/pull?pid=2583191d-9d1a-483f-97ec-86ebd89e7576&tr=1&g=1&return-unstable=true&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.sharethis.com%2Froqad%3Fuid%3D%24BROWSER_ID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/roqad?uid=303d1f98-0dcb-49e6-9f43-501e10ec4783&gdpr=0&gdpr_consent=
Request Chain 646
  • https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZHeACGVNC8AAAAAIDkNZAw%3D%3D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0a8bdb63816d824d9240fe8dd61ce4fb&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ba5a21473cb5f55d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=0633bcd8-fc67-447d-af38-f03f3b151a77&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba5a21473cb5f55d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc6ee32f649&zcluid=ba5a21473cb5f55d&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECjPUq0VNNyyjGI1A0-ZIY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc6ee32f649&zcluid=ba5a21473cb5f55d&zdid=1332
Request Chain 649
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHeACGVNC8AAAAAIDkNZAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23364%26cid%3Dc010%26cls%3DB&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23364%26cid%3Dc010%26cls%3DB&phint=__bk_v%3D3.1.10&limit=5&r=86544366 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Request Chain 662
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CsQ91xQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAGgBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIiNuMh663ggMVZY7RBB3sagMVEAEYASAAEgLFUPD_BwE&num=1&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&sig=AOD64_1mpgoNme3yhD2jedPFqAi26IaIsw&client=ca-video-pub-3990748024667386&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ctype=110&label=video_10s_engaged_view&ad_mt=10021&nis=5&adurl=https://ad.doubleclick.net/ddm/trackclk/N1367557.1983527YOUTUBE/B26090200.308067092%3Bdc_trk_aid%3D501035650%3Bdc_trk_cid%3D154000640%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5BXxxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAHABW6gBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIiNuMh663ggMVZY7RBB3sagMVEAEYASAAEgLFUPD_BwE&num=1&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&client=ca-video-pub-3990748024667386&ctype=110&label=video_10s_engaged_view&ad_mt=10021&nis=5&dblrd=1&sig=AOD64_1WVkLRJj0ipIBhI_i7m_aCo6B_Vg&adurl=https://ad.doubleclick.net/ddm/trackclk/N1367557.1983527YOUTUBE/B26090200.308067092%3Bdc_trk_aid%3D501035650%3Bdc_trk_cid%3D154000640%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Request Chain 664
  • https://map.go.affec.tv/map/st/?pid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent= HTTP 303
  • https://match.360yield.com/match?dsp_callback=1&publisher_dsp_id=440&external_user_id=654d0bd2bc6e410001a268b0&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%7BPUB_USER_ID%7D%3Fch%3D654d0bd2bc6e410001a268b1%26chc%3Dst%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/im/c4df7e7f-62c6-4761-bf16-33e03eb65218?ch=654d0bd2bc6e410001a268b1&chc=st&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D654d0bd2bc6e410001a268b1%26chc%3Dst%257Cim%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/8365386662731688929?ch=654d0bd2bc6e410001a268b1&chc=st%7Cim&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/0633bcd8-fc67-447d-af38-f03f3b151a77?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 665
  • https://id5-sync.com/s/121/2.gif?puid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=1efed8752c7110fc&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAHavOPE-W9fANIrtQxAAAAAAA&expiration=1699634514&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F104%2F0%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/121/104/0/3.gif?puid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=
Request Chain 666
  • https://ps.eyeota.net/pixel?pid=m4omg6v&t=gif&call=2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&bid=1e2n4ou
Request Chain 668
  • https://ib.mookie1.com/image.sbmx?go=304847&pid=583&xid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&google_sc&pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw== HTTP 302
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw==&google_gid=CAESEHyvVtFj6FLkGKNZY22zCZw&google_cver=1
Request Chain 669
  • https://tags.bluekai.com/site/59574?id=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=ABKWwytx99OhT6Nk&BK_SWAP_DEST=5957

674 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sumo-logic-security-breach.html
securityaffairs.com/153882/security/
150 KB
33 KB
Document
General
Full URL
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6c951b426718f17c6853c05a995e3a6968831eedf7b88f1bd484e62cf62e00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
8237810d6d67a232-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 16:41:36 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/153882>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=153882>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7nCOs6yWFC1YjqRc%2F7kVczcja0%2FREs1PdlvPMjdQI%2Bf21gM%2BDV%2BEpeUDkI3ZapKhyfKo6mRgB%2BFZkkqOhtC%2BpDzgtENZDVNUifqY4nmcwF6VI9vlkVGZrQ94IXGvYzz002ZbIJe1WYOSoQyIznw%2FgmV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
style.css
securityaffairs.com/wp-includes/css/dist/block-library/
107 KB
15 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36324ad58ad455cb3b2ed61e5e7326afb3de6988fe5c592ded25598f13405a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21975
cf-polished
origSize=118143
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-1cd7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEKshB2foYUAcYuy%2BVYIYVO8AxwVd9ShLA5ejU7FiY5RZa%2BKXhksfsvf5LWYJ16xd33h5C%2Fh6z%2BNq60NXfk%2BdRrhhzMhS5Xmb8ntzIQo63tl5EvFnOTV9N3X7Io4r4ETQ%2Bepp7iJIMlao5z%2F78M7U9Rq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb86a232-YYZ
expires
Thu, 16 Nov 2023 10:35:20 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61783
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCk5ZZbXCMuy3zu9VVBll5u%2BZBHLCox1C2UFb6tpd1TPnwpG6M9N4nWzPFRXNPaGfd1TTYmUxE%2BttcMZ0L6ypfsNq6cLVPW3vdW7nd0OTxNWo420PZZ6SaaqksOcPuk0r%2BDMlk9eGTEF401pFwnfSG%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb89a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 23:31:53 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18543
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hj4K0eY%2FEbFCw%2FF4wimY8aPbO3dWgtYs8AmVswSFT%2FZ4V49529khpZduX6ZD27C%2BEEDSutbWlwP7KQ2mctpdDeS0WTHyWTX9PI4%2FjVsQ7YQoE7BUF2F2Ke0TI5i9S4KNdX1kg1vvPdNqom5%2FauvRazB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb8ba232-YYZ
expires
Thu, 16 Nov 2023 11:32:33 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579056
cf-polished
origSize=2859
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 23:34:55 GMT
server
cloudflare
etag
W/"6544321f-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwJBBXcb7PMEqh4HPOXv3uM8Zdh9qO1uueIWb0q8Ye2Jdjmbb3G6OV4A%2BS7ooJHd9hldywnjarydcu4%2BDAIGgI54WUjLytY%2BnFIt4BYU%2FvtUM9iEkGssIXXgJQwhy4wwtUVJC4Bu1Fr%2FNENG%2B%2FYQ8YI8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb8da232-YYZ
expires
Thu, 09 Nov 2023 23:50:40 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61783
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Oct 2023 22:23:03 GMT
server
cloudflare
etag
W/"6531ac47-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxddpO4TplvGXA2I0EC3N47tvdGhh2ZqrANzTH9rullLEtFLFrvdRHdETZeq%2F%2BdyQ1tvpg8iw2fv50BmxF7QN1RNyMELxZKOaUyJ42l1lCllxUvROh1dmfopjCNsSv8UPf5gCEgAsV%2F1oiUkoMEcK0H5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb8fa232-YYZ
expires
Wed, 15 Nov 2023 23:31:53 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14684
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Oct 2023 22:23:03 GMT
server
cloudflare
etag
W/"6531ac47-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqXywiSkdVUBjEFdKymrKsil105UYwv3ZuddyaMyEirjF5YzrcGaorllxnjTD5owocZGeo4qoeQ2VAhFDrT5nm%2BC0WC4J0e756BCgafrDq0Yok01EVDa1gATkF5%2BsU%2FKHVr3cD7PRd1J1ZHvXIokZnh4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb91a232-YYZ
expires
Thu, 16 Nov 2023 12:36:52 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/
2 KB
863 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.9
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53892
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 22:09:35 GMT
server
cloudflare
etag
W/"65247a1f-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVENAjd%2FBz9CCKVX%2FQPax7jb6ky1mf0yHzh7o%2BLk816Tsb73ZBfb7W49aQ6krJ3uX7RmkOuAq8A%2FByiHSV8QgMVW9yNmwNo0Xv6pZOmC8gDuSwp99WztayoMIKAgwcEjqLhtNuK%2BmJ%2FweDtDUyL4iFwX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb93a232-YYZ
expires
Thu, 16 Nov 2023 01:43:24 GMT
bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
24292
etag
W/"63ec8df4-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OR0omBe5KsFN%2B7e%2BHxyg3JLnc%2Bf%2FfwEG2V5hpkTqWDmSauTZcBGcyWU9H8kf2FOMDqxCE%2B3S%2Be%2FP8TLfrkqdSGTSMSWvyCclQEj%2FICanJUVH6VIZHrCUi36ogUyiUHKKlSB4OACBDO0FRIt33GmeEns"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb95a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 09:56:44 GMT
plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59087
cf-polished
origSize=31000
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
server
cloudflare
etag
W/"63ec8df5-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAI26lzb88gBdk56O0SmV4%2Bb2V75gifYPViRFpEoHdmPEl3eHzFPYMfdbNavg%2F782eiOKcQUOUMQxnBO6Evdt6j9ahUxQcEwylLf5CtqMn6%2BOk5oWjn0H8yycsvykg4VX5KCqPtsZg0NtsUB%2FlLi4kuy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb99a232-YYZ
expires
Thu, 16 Nov 2023 00:16:49 GMT
animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/
44 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24292
cf-polished
origSize=45516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
server
cloudflare
etag
W/"63ec8df4-b1cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZXL0%2BnxCuZPl5pet6aSGCNVKjOqUKKJ5oIhOBh9yXbPYj3HcgtA3BQ6v%2FoZ%2Btc%2B8OhrFJQ8piWuap%2Fqfgsd8K4xxDpHIfusGRDbLTrGBf8lIg9ikaa5%2Fb7c4Ew%2B2qaOGrbqz7bw9S%2FaWRqqR%2BaHniGw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110cb9ea232-YYZ
expires
Thu, 16 Nov 2023 09:56:44 GMT
select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
24292
etag
W/"63ec8df5-3f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObOktSLFYVkbEk%2BCB0LjLYS9V1wKfG945D%2BdCpsA67Ou49wCon2OwXQAYs3JeUndGwB28ocxL4MbCSu%2Fx0cVOHD%2FPi%2FXJJOYiK2ERoaZfa1NSzr1Melem8qs7hUgqtMVSANC2lwuhSU2x96eADEOEjHd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110dbb9a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 09:56:44 GMT
bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
491718
etag
W/"63ec8df5-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WpAYrxLoaDnTbo74NytYAsKkiV1jYwh5GgA965HBAaP2iMaup6qtf%2FR4f%2B6yUJ8%2B00yHugE5K%2FfjOnd8fL8wmC4zK%2FauYn8xQrKqtx63k7u8Vg4YC3bj46pI4NTXwqCH1MpAYMxeT0Me3RbJJqfg0dp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110dbbba232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 Nov 2023 00:06:18 GMT
style.css
securityaffairs.com/wp-content/themes/security_affairs/css/
62 KB
10 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108659
cf-polished
origSize=63687
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 19:58:52 GMT
server
cloudflare
etag
W/"64dd2a7c-f8c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRn2OgpQa%2BWayYFe%2FPOxybFamsQhE7b2kk7dlyl8z7f3xamOhPwindXzwFrhxbGNqK7YYGGyWxKAW6YvfFHrfqZm%2FFkTQSF1k%2FqdRGWWSFB%2Frw9LMvP%2FI6PBtvbydYV3XV0j79vrL3%2F2cAHZzbC6qcHG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110dbbea232-YYZ
expires
Wed, 15 Nov 2023 10:30:37 GMT
slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28601
cf-polished
origSize=4922
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
server
cloudflare
etag
W/"63ec8db3-133a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaXnF%2FrfAPYa5zsvR7e1Br4DkDEG5aER6%2BSuzGmJTDJ0Y0WtXHYDMfTGMusOugcx%2FLosLVMW4KAAmnKnuA3aNld3m0WtpIcM6faLhIz9ntoF7n5aSMBc5frdz5CM3rWL1djhozLivpAT215042woicou"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82378110dbbfa232-YYZ
expires
Thu, 16 Nov 2023 08:44:55 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/
138 KB
41 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61783
cf-polished
origSize=285334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-45a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVGX%2F%2BnMqKvcHa9uzdpiq2S5PiUmDJXsEjQYo8PKVL71uK02ElsZRpgvmHO1n49QHAUb2CCHGnlFzMyNQvzVgWUfF2n2P3XepUxquVvFcVkJdazI2d4Yiez3vRY1a1cHM4APxWCqbc6hmrwM0xtnPX%2FP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378110dbc2a232-YYZ
expires
Wed, 15 Nov 2023 23:31:53 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/
19 KB
6 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56643
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqvuShH8oCCedLTfOnIoUL23SyEz1Cx0arXDcaiq7NihrrGFKbmrlZtNLGOg4Ed3F0NUg3O3ZwrQbJP5hxqHL3fxivs0MPmkboK10AWMYO8GtXl1d1RgcJ6sUfh9nqEd5D8RiuQSXN8Uahx%2FIMe3Zn%2FA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378110dbc3a232-YYZ
expires
Thu, 16 Nov 2023 00:57:33 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/
27 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61783
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Oct 2023 22:23:03 GMT
server
cloudflare
etag
W/"6531ac47-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP3eKXzTDQLfW%2FR4kR0w%2FLeoQg9sjTds6otL%2F8%2BLi5GSo4u42UIYGVTi7Sjk6rxkTg%2FKziQdNpGZUGrE95RfX2BQhntEj2xfAQmYEu7s4x%2F28e9Z%2FkDRbZZGuAHRqPMIs98SjPgZHfZ6rf4AVX9OkLxu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378110dbc5a232-YYZ
expires
Wed, 15 Nov 2023 23:31:53 GMT
sharethis.js
platform-api.sharethis.com/js/
208 KB
47 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-61.iad55.r.cloudfront.net
Software
/
Resource Hash
f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:33:15 GMT
content-encoding
gzip
via
1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P3
age
502
etag
W/"33fbe-N51ttSXIC05eae0N3/gGTPPbUMQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
7-XM3D830O9GWKlzOp0SeYLCBlQVQWtV6HInmTjEuW9eKAMk4JFdLA==
js
www.googletagmanager.com/gtag/
173 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e1904a5c113e2e62a825a41dfb4db12044eb516125b76729479b952c0117aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64613
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:41:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd0b04fadc7385e858f26ef0a2149a548f4cb1b48238f822118663acd49f1055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52134
x-xss-protection
0
server
cafe
etag
11943592345049154655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:36 GMT
js
www.googletagmanager.com/gtag/
267 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c517fbeac139a592d9570abd8861f583fdadecd5bb0e776483ecdf1f599e9e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91292
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:41:36 GMT
/
services.vlitag.com/adv1/
574 KB
147 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2812e71d94ebe7a39509f430096991e93451ae72d204a125de77d308221533

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
310
cf-polished
origSize=587430
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2023-11-03T04:18:57 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781156b4139d2-YYZ
alt-svc
h3=":443"; ma=86400
menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
467 B
744 B
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
661755
etag
W/"63ec8dd3-1d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cv2GWoB%2BPJqVeg6BJtivP%2BFuimIefxJsyC1zzQAxXG2SzJVza7qMCFnh940N5Q63mwxiiFDTZ6uoGcF2E6zyhuSvaStWiQ84PQpCyEZgl%2Fql2O564kpMmy351nZXxbu8OaAUHi4Eh38rtfxpUXQptA1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82378110dbc7a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
securityaffairs.com/wp-content/uploads/2023/08/
5 KB
5 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
660071
alt-svc
h3=":443"; ma=86400
content-length
4751
last-modified
Sun, 27 Aug 2023 14:33:01 GMT
server
cloudflare
etag
"64eb5e9d-128f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdmQkHkfsu%2BuDqiYWLifRF58d4xxLRN182S8gZgGP1r%2FabFD5sjlnZWL4fvglIvrEK4uPSefIxYcyz%2BtCU0waafVEWl%2BMgZPyMlMieR8yf%2FGwtBKtABKJNnLc%2BZR1tOSUD%2BB9VK4Hjepy%2BVbeYqHm5RH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378110dbcaa232-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
987 B
830 B
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
666638
etag
W/"63ec8dd5-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BKxozo5GVAgDISpwEPqm77x9Yw9L0%2FOxQBsom4fkJWGnWJyXt6P2%2BP8CRy052ljvu3ZzYHh8BekF2R4%2F5bi1tLpcbs6VWCoeRou4kF1QdHdg3Zi4OVVn1Hv8o9WJdD%2FW%2Fc7P9%2BDgzUKWPboChYMha6r"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
823781113c61a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
947 B
855 B
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29943
etag
W/"63ec8dd5-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE9MA90iM66rYL%2F2C6dCq0pRQYe2jaaL%2Bemb2yl040%2FzBCcAWFNe8K1toe%2BP0LMxs9bzMHttX8Tqt9j2Ra7AeQJC%2FL%2BR2EjpalS6CG8uvAX9unlEstKDUF4DPEgR8YoykMLGERZGmrEVC0lzy21ebUSg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
823781117cc3a232-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Sumo-Logic.gif
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/11/
2 KB
3 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/11/Sumo-Logic.gif?fit=676%2C238&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
72269179054713bca7440d30772cd7a60a1ccd3abb7f275f6c05754e871cb910
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2290
x-nc
HIT yyz 3
last-modified
Wed, 08 Nov 2023 23:15:26 GMT
server
nginx
etag
"892ae9971a06e583"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/11/Sumo-Logic.gif>; rel="canonical"
expires
Sat, 08 Nov 2025 11:15:26 GMT
3422ac19-5f8f-41f5-aea5-2e0336e236eb
https://securityaffairs.com/
5 KB
0
Other
General
Full URL
blob:https://securityaffairs.com/3422ac19-5f8f-41f5-aea5-2e0336e236eb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
image-45.png
securityaffairs.com/wp-content/uploads/2023/04/
249 KB
250 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/04/image-45.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f37861208dfcec291389fb8864c588fbc3d4a309e534cbb3e7bc163110b70a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14261
alt-svc
h3=":443"; ma=86400
content-length
255129
last-modified
Tue, 25 Apr 2023 21:12:27 GMT
server
cloudflare
etag
"6448423b-3e499"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2yg8XdFZaE3Br5Q9OG3%2BzaWtRv%2F%2BZH7THsC3AAqc6okqBnjh8TegjF0J4E4ENPuxYuQ1K1iwPkB8fGityetfBxkTVtdSUoXIBPGZ%2F%2BuwQaOmWXHl%2BvoC%2FbDeGptCJdgh5T20hGiucSWedRq5QKRZEQt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113faad39ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
sberbank.jpg
securityaffairs.com/wp-content/uploads/2023/11/
38 KB
39 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/11/sberbank.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3fc99122cb63982a6984bd9c54bf015319eb54b046c7c13ae7f10fb856bb5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20641
alt-svc
h3=":443"; ma=86400
content-length
39291
last-modified
Thu, 09 Nov 2023 10:53:29 GMT
server
cloudflare
etag
"654cba29-997b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FVQFcSx9ekkk7PUqjbvF4FsN85HxELMGxZgfipneggaUXQzxAU42CN%2B3c6D1DWu88VeaqXFuXHDr4XiFuJuu661QysM1Dlv%2Fwu4Ps2g0cm6alJCxdsQVdQlXlHPeGVkJp1LR%2BlS%2BAOOrNAymwTxTPwI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fab339ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
veeam-software-vector-logo.png
securityaffairs.com/wp-content/uploads/2023/03/
7 KB
7 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/03/veeam-software-vector-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc3df8900b7793112daec5f9e53fc7b1a54574586b195e6174682bb35d8b8bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189410
alt-svc
h3=":443"; ma=86400
content-length
7160
last-modified
Wed, 08 Mar 2023 20:49:48 GMT
server
cloudflare
etag
"6408f4ec-1bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iSlrXv9yQGILs%2FGEcrd6BltzZNKo0lvqxlGdNAk%2B4W08yD%2Bl3pPXh5G%2FOfDrECzeyxGnlPZndcKa4p4738SxMH%2BsKpg5xGprLv6cwO9fTHNBX9aCdLKDJ91jarUiaLryeADOdrILx5I2L6E1Z6GX5KY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fab639ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-10.png
securityaffairs.com/wp-content/uploads/2023/11/
780 KB
780 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/11/image-10.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0d0135637376ad2cb59f12e5ee238dd63ba326e2f40e4779323c3e88564d5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198483
alt-svc
h3=":443"; ma=86400
content-length
798472
last-modified
Tue, 07 Nov 2023 08:58:46 GMT
server
cloudflare
etag
"6549fc46-c2f08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0p2kCqglt%2F%2BoWAuNKBl7Xze5zuIvD4WoI0fw6i7lCIMbwLAC1K4t%2FJr1Gc7pASsiZSp2BdrU3WkpRxm34Qox7VdFd74NuUARJKxNgEsbZCUpWH9Pa1BYxLqrlbosNXdksBBO4NAveF7lHfoL%2Fil9KKq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fab839ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
Agonizing-Serpens-reconnaissance.png
securityaffairs.com/wp-content/uploads/2023/11/
91 KB
92 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/11/Agonizing-Serpens-reconnaissance.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690131a53fe7ed758cd7d75ead271ff28e6aada69c9d4c5a471ffd61f68c81c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203072
alt-svc
h3=":443"; ma=86400
content-length
93475
last-modified
Mon, 06 Nov 2023 22:09:01 GMT
server
cloudflare
etag
"654963fd-16d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Nv%2BNxL92OHad221eo5zCkftwFtkPuTUYlCbamaWULuUdcB65NrWyTJmJQP8TyskIA7jLVOmTOv7ZJvZxbiVMJeT5ZA4WpBu9YJq0qos6VuJwNLMwYGOYGkBHauTkVjOmJ98hpP1ClWMgR64n3qkvW2X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fabd39ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-9.png
securityaffairs.com/wp-content/uploads/2023/11/
42 KB
42 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/11/image-9.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55f290c51141beafffca305a9d92c7274f03b39d22b32445a18f120a1308623

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29942
alt-svc
h3=":443"; ma=86400
content-length
42520
last-modified
Mon, 06 Nov 2023 18:50:34 GMT
server
cloudflare
etag
"6549357a-a618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4I0FW%2B41GRBYA4HHxeEKMdkEdKQd1ozaug%2FS4x3tpV7%2FIhfkdnkTK4eNAlhBy6AHmKj69KpmDCxIT0h96gNJyi1exdqrHUhoVqtfoscBucCf84uj239ebVWUD1P0LoQY1NOi5aUjMyQ%2F8OuPG7lXplDC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fac139ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
QNAP-logo.png
securityaffairs.com/wp-content/uploads/2021/04/
17 KB
18 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2021/04/QNAP-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7399f89c622cbbf5435feb7628b6844df4fcb4764811155c2c5f049e3bd0d42d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267052
alt-svc
h3=":443"; ma=86400
content-length
17619
last-modified
Fri, 02 Apr 2021 17:26:53 GMT
server
cloudflare
etag
"606753dd-44d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP6XoXbE37GI0O4BDlp%2Ba7GmxtITo3j%2BYQg5kHw94%2FuQoKwaalYMzWAWlvr1FWA%2BQuL92uZS6Vd8Wf6U%2FeNdMkB72dSKnirXzOtzyOI7mIku8Ze7EH2sAiNRFumkJJTgTiSJ5n8WMZitUwr4%2FwflqobW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fac439ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/
4 KB
4 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
658913
alt-svc
h3=":443"; ma=86400
content-length
3916
last-modified
Sun, 27 Aug 2023 14:33:08 GMT
server
cloudflare
etag
"64eb5ea4-f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAvLCYdZMvLmTDgVod8kAh5yTW68KudeNM6OVZwzthRh0BpwWjZ1YKae0K%2FVxAvtcjrKgbz9ryiDUqeebPAYF6HNmcxt643GK9F7JAo6%2F3wrCb8FUfDbwJRzcQ7w%2FPBogQAo524AdcdosGqjWNLvXu2Z"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82378113fac739ed-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 16:16:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654bb442-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye4yzDkMoyfInoNqwwVjcBMqhx4C2vdcRvEsdS%2FhSWc1KLtwH7IlDgSPhIleEwM%2FKIx30mx5zX9ZD0WRYkNsrIImpDgKIrJFYkLMZrL2YMrs5%2FyzWMF1ey6bI6ct35VlrYH%2FwDJKDyf53aF%2Fb6DaM9wc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
823781127f3639ed-YYZ
expires
Sat, 11 Nov 2023 16:41:36 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/
701 B
864 B
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17448
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:54:04 GMT
server
cloudflare
etag
W/"654c118c-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLpngFgwafbwyKpzeg0fxcplTHDkmyFcZKgvbUHGcfcDQsITjmJ%2Fy41PrwuKnaPUTfm00rSTXOb1wUszf4b0wE%2B2NCXTEQdulFSQkO6%2B4uJsA3hzecxVThD%2Bups4HKXty8zF%2BMLF8I1jZqhQK6oj5yb%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
823781127f3c39ed-YYZ
expires
Thu, 16 Nov 2023 11:50:47 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579154
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 23:34:55 GMT
server
cloudflare
etag
W/"6544321f-2a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4MlGegv1rjrZKsJJKmZGbfU8O5RX4tv%2Ba8WoUdTuuAp53LIlkk8Sy6qk8nVUK%2BCpdLV1qtYgMbfDAS9AsljAALtSPgtuzVDhAAyWTkwMLqnxVTc7rL3H%2FKgfrsvjmuRxAWBSYwwTYu9NriEyzKmOJB8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378112c80739ed-YYZ
expires
Thu, 09 Nov 2023 23:49:02 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579153
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 23:34:55 GMT
server
cloudflare
etag
W/"6544321f-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjO%2Fi7cRM7Sr%2Fb9Sv%2BERaFzy0vkj2c7zdcwiZTJFVmfMkGNzl9bkYCBIFwAp8YBifdpmGoymCMHaPhLBkNvT5cRfaxWa9ZEBh2oI4aT3qNuIctdboTnQlrOzSUg7RbZluRL7dEa1n%2BAYgFkNTHIM4kFE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378112f85e39ed-YYZ
expires
Thu, 09 Nov 2023 23:49:02 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20564
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1Sw8z65Sai6jbc9cZLSVdi%2FoQQry%2B7CflR5k95S1%2BVXgCV4IEPS5sa08I3VaIIV27QrSHu9iq78LiYbc5T2czAOwyQA7YbvrL%2BCgzYCJtj2SZNXCbCG7OaQWoAG7Pf1xs0hm%2BZC8eNx%2B%2F2Laj49JlKk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
8237811328dc39ed-YYZ
expires
Thu, 16 Nov 2023 10:58:52 GMT
jquery-3.5.1.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
87 KB
32 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
65325
etag
W/"63ec8dba-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvBDo5pyQrArGBA3ZVsxdWzSs1tTlkGRY%2B%2F9ypLZnFY1eDP6F7uocCJcf7jRL1lrXU2eAwTKD0yHKxNey4cbSMBCoKswFKUoQ7Iw7Npr1NcUDrDX3V2VVCVh2Mpyhj1EDdzmbTV3%2B8WE7rjcoSVbYD4J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113490839ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 22:32:51 GMT
bootstrap.bundle.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
77 KB
23 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56643
etag
W/"63ec8db9-13397"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZdeVA4ZJcR8LXcQzqnugtN3zN57m6LKFCvCswvuW9%2BXZR0hU5XPid3cD%2BekWEiYnv3UHrlQ6T5Al2ON6q27t54OzvbFF%2BEcjMB%2BY5tnxUqwCoaxHZ3MhZvj35rWipwm9XYfG4cmEsUBansh%2BI6zoqaw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113796739ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 00:57:33 GMT
animation.js
securityaffairs.com/wp-content/themes/security_affairs/js/
3 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56643
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cszqi5jgCGG0gZqFuXi6r1EqdfJ9JeC7hEpEcXoU4HQc3YWaJnDBsLWAy2O770tSssNMRrY8iqUMOlkLflIHPmkk5AME2yuTrerCAhGFJtGYRmVkrCtY1nmb7EncIleh4H1KFw68u%2Bngf5erkjE%2BvKn9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113ea5a39ed-YYZ
expires
Thu, 16 Nov 2023 00:57:33 GMT
slick.min.js
securityaffairs.com/wp-content/themes/security_affairs/slick/
42 KB
11 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
17448
etag
W/"63ec8db3-a76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8gXK6usjTtETxAZQpTvIqAIWsH4m%2FUYwbOdhj89URvAq1dj1xQDCg7J6kzACbnTroBjnw5NnZrOAWHq7eOkGixbpgR5PuWE2soTetirwC%2BEzXZIV9DRpYhfHVKu5tNYWtAwcR%2BlcYIME%2FvUCuiOBl%2Fp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113fa8639ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 11:50:48 GMT
select2.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
71 KB
20 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56643
etag
W/"63ec8db9-11dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT0FOidhtZzSZUmWoYYlGdHG3dG8d2LA6qqqjqqhywS2c9Pyrq4yVX20Lic1WzrPRk%2BpYHppVlKkhlG%2BbmR0mOceA8R7IUr3qvyGi3nNySLfinosDDj7ZJOJj72KdYHYJFk7RlaQVn5zlq3qEbCWTcP9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113fa8d39ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 00:57:33 GMT
moment.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
33 KB
13 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52334
etag
W/"63ec8dba-857b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCCmliZI3GCg4cVr%2BV2AkphqPpzwqV7wM3UiI088WqM2zpyGs7%2Bq1FVR9O%2B4PWuGzAxT1eY9YsPuFQA5uU3QCohfoi8IvBKRytt6plDwSmtrsxjfR2%2BRFDjG4M3k7Enfm0i3%2FklTkBCyFSa1RYTkTUH%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113fa9339ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 02:09:22 GMT
bootstrap-datetimepicker.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
23 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56643
etag
W/"63ec8dba-5a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTFkD4jkJMLcOAhQb7fyBAmvCWZGEYGf%2F6%2BPRx67cSq9dF0C%2B%2F1hdcHJmMLmPx9Niky67fgxE60iZameOp5pSI7pecDlXgnGF7%2B4XVPw%2FmPnVxmKaW%2FQ0kwjQrocjvN7SAt1f4lNzlyniR0Q5WoP0dta"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113faa139ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 00:57:33 GMT
script-datepicker.js
securityaffairs.com/wp-content/themes/security_affairs/js/
236 B
667 B
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56643
cf-polished
origSize=552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4Fzp2KY8dG1YBFa7G34suaQK35yQafPRZmghBuJs5AS3R7cotJS6BeLX9navoMXKq8Zop%2FYfg6N%2B5W3%2F6gzkSuOOARp2cMFdLGL5IJltMaUcUx3O2e4yT9qPl7e3%2F5Tnn0eNRLUNFSnCUedIvRQKxvq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113faa839ed-YYZ
expires
Thu, 16 Nov 2023 00:57:33 GMT
script.js
securityaffairs.com/wp-content/themes/security_affairs/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
488302
cf-polished
origSize=6278
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
server
cloudflare
etag
W/"63ec8db9-1886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctcMDymaO%2F%2BM8ErolotcIYgyVJPcBhkgW5P4Ljx1joMmPXJhqPJ9CTjbfZ7WWuQkX7MWGC6MrxG%2FmMUL88xl2CUvMA1zBPL8S6CDNGb0ZRWW5GrZco2apsmSR8nZG8FgcPlItYZ6xn0ABECi6m9ilVG9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82378113faaa39ed-YYZ
expires
Sat, 11 Nov 2023 01:03:13 GMT
e-202345.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202345.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT yyz
date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684465101925.7249
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 04 Nov 2024 16:24:02 GMT
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:57:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Nov 2023 16:41:36 GMT
63aa5463b92caa0012f81022.js
buttons-config.sharethis.com/js/
438 B
882 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:8800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfc6883863d1d8dc27b491556f0f91df31da6a3f86fa1d9d8dc8686e067bd8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
via
1.1 a66cf66feb9f859a61920422b04d33a0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Aug 2023 14:14:32 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
etag
"0a1ccce781e1a89f4075d4f596f8a0f2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
438
x-amz-cf-id
SKjRBot7jva1NQzuAmvECI5KrGL8WjdPxln8V03iN7Tro8ssbheAHQ==
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffa...
  • https://l.sharethis.com/sc?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs...
176 B
701 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sumo%20Logic%20discloses%20security%20breach&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Security%20firm%20Sumo%20Logic%20disclosed%20a%20security%20breach%20after%20discovering%20the%20compromise%20of%20its%20AWS%20account%20compromised%20last%20week.&ua=&ua_mobile=false&ua_full_version_list=&uuid=f1eee906-fc36-46bf-a163-f159c67d24a9&samesite=None
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e4d26b2ecd5a5cc9d8341346e8bdb99029af0ddff03835f7f4c710c8a48263d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:37 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
Access-Control-Allow-Headers
*
Content-Length
176
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Thu, 09 Nov 2023 16:41:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://securityaffairs.com
Location
/sc?event=pview&hostname=securityaffairs.com&location=%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sumo%20Logic%20discloses%20security%20breach&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Security%20firm%20Sumo%20Logic%20disclosed%20a%20security%20breach%20after%20discovering%20the%20compromise%20of%20its%20AWS%20account%20compromised%20last%20week.&ua=&ua_mobile=false&ua_full_version_list=&uuid=f1eee906-fc36-46bf-a163-f159c67d24a9&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
Access-Control-Allow-Headers
*
Content-Length
842
X-Robots-Tag
noindex, nofollow
search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
940 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
626431
etag
W/"63ec8dd0-3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkEEKPPSya%2FoPvUUBRtEmC4S6K6eJNm3kdJqVANPw3%2BDoRzmRZqRsPjRnXOsgGStg7ExZLYSe%2FGh7caUY24iRzIXxvrdDBPuZpaKCIASyQNzb6i%2BrZz3UvlislEjNyKPXouqi38bF7Aje0xgHVhwZwup"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
823781141ae139ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
b-arrow.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
903 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/b-arrow.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
670742
etag
W/"63ec8dd8-387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYdXsubY8pqA6PvtehaOlaV2XJ3xrxkt0tFEbISHGcRP1SsHOWEmkbGtAMwwZ%2BPH6i4ZaxdcxEAZxDfL1Qe%2FNpp0OqILXavxUPWb3OWDaBRpfeDXQ9GBERYUkw9BSNi9PR2GpeCojTorqtWgatdGGIUJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
823781141aed39ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 04:37:52 GMT
x-content-type-options
nosniff
age
43424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 04:37:52 GMT
fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/
75 KB
76 KB
Font
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin
https://securityaffairs.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6882
etag
"63ec8de8-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWPeiMjYyjo5jmzrMD8N133kQ819xYWlpAI8ZFH%2FEj%2BCLGoPVB33%2FiUo%2BaAmuVYO7qlriW%2FtI3yqSylAJ5cBQluqimd%2FePbEAnA9%2BNwYdLzj%2B%2FsXMoh4PqEoUVyr2LvVamjT6UYclsvWo33wJjM4W90%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
823781143b1839ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
77160
g.gif
pixel.wp.com/
50 B
154 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=153882&tz=0&srv=securityaffairs.com&j=1%3A12.8&host=securityaffairs.com&ref=&fcp=1375&rand=0.10135644486533724
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:41:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/
17 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17448
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wceQzGW2Yq5Kml0u7ji4PlMjHFO1S1hY7920t8YBwmErz7vRczy0EiuajC5WL9Vd%2Bq4m8kQ18l8WQuUrAsBtuCdNcHTWdpXslfw5np56YpOP8oamKW72sAjoYYhGlCeeVn%2FMo8%2BocLfzQGlLKu%2FGn9qI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
823781155d2639ed-YYZ
expires
Thu, 16 Nov 2023 11:50:48 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17448
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeToONsrSuXHigY%2F3q9MeprRuamuCT1VXk4WEQG3soRes6WDN8qtgE8DQEiwgYI1WAOcpvdAriZ%2Fp5eDnFQiXB4ef22mv94njI1MNlsCka1yfLQjvMKTQWeQ%2BWcLpDRKMhJf6umKkeQadvMrWWBhl%2F5t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
823781155d2839ed-YYZ
expires
Thu, 16 Nov 2023 11:50:48 GMT
schema
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/
232 B
772 B
Fetch
General
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/schema
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT9eZ1iSaI0tQflqto9nlPS1Sa9nMD4AVuIxA2fddC6aXQYkmfny5nWvXR34MgdV0AvXoaSru2qGW6ZZ%2Fbo%2BefxldCnGY5mWBriWS1IkzXXmCgTbdwdc7cLJTxONe08CibwXSmHBsHF0A1IZd%2BACS5TL"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
823781155d2b39ed-YYZ
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/cli/
42 B
367 B
XHR
General
Full URL
https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bae02d2b0add5833b0cd28f589ecfd23ea57a3b7c5c910d4173f0c9240a7265

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781187cfb54cd-YYZ
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abd3e064745c2ecc9525abbf9e9ab144f82c2e52220c6d79dfea4703de18a51a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138448
x-xss-protection
0
server
cafe
etag
7227702411966377589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame FE99
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
72087
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 20:40:10 GMT
etag
16674218716276178799
expires
Wed, 22 Nov 2023 20:40:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2023 16:07:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2053
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 09 Nov 2023 18:07:24 GMT
js
www.googletagmanager.com/gtag/
202 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5811e8e1b9b091f195bd403e254472cdd8450036946db8bce22b341aed0548cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75231
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:41:37 GMT
js
www.googletagmanager.com/gtag/
267 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d377ddcb6d483cada1ee215c88a7ed50c7c05c397fe139a0240877d824585006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91330
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:41:37 GMT
t.dhj
t.sharethis.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=securityaffairs.com&rnd=1699548097186
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.37 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
660a4487fa1d78de19f0bee407053480abd7b8a113f4bb19f3a08d07b68a1290
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Thu, 09 Nov 2023 17:41:37 GMT
collect
analytics.google.com/g/
0
257 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3b60v9100359598&_p=1699548096602&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=96333411.1699548097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699548097&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&dt=Sumo%20Logic%20discloses%20security%20breach&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1861
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=96333411.1699548097&gtm=45je3b60v9100359598&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
409 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=96333411.1699548097&gtm=45je3b60v9100359598&aip=1&dma=0&gcd=11l1l1l1l1&z=2037792973
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
174 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=45je3b60v893534898&_p=1699548096602&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=96333411.1699548097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699548097&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&dt=Sumo%20Logic%20discloses%20security%20breach&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1948
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1699531462/
13 B
281 B
XHR
General
Full URL
https://services.vlitag.com/vld/1699531462/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 12:11:53 GMT
server
cloudflare
age
10861
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781192dbd54cd-YYZ
content-length
13
alt-svc
h3=":443"; ma=86400
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/obj/1699531462/
43 KB
5 KB
XHR
General
Full URL
https://services.vlitag.com/obj/1699531462/221a5a398da89ace8729d1cd3c481ec7.json?cc=CA&hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd70e84ff15443ff09ae6f5ac8c8e3784bffa7d9288081fa4f4fafe2ccdf90f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 12:11:38 GMT
server
cloudflare
age
14679
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781192dc054cd-YYZ
alt-svc
h3=":443"; ma=86400
prebid-8.21.0.js
assets.vlitag.com/prebid/default/
615 KB
187 KB
Script
General
Full URL
https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 03 Nov 2023 08:25:02 GMT
server
cloudflare
age
548182
cf-polished
origSize=630565
etag
W/"6544ae5e-99f25"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
82378119fd2639d2-YYZ
alt-svc
h3=":443"; ma=86400
expires
Fri, 03 Nov 2023 08:55:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
418b6fddf3d52d2f1ee1daeb643a78726ee69420bd18c478d9361457e29b3497
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31198
x-xss-protection
0
server
cafe
etag
616 / 19670 / m202311020101 / config-hash: 6338164477709008632
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
363 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Thu, 09 Nov 2023 16:41:37 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/
38 KB
17 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
27761
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
82378119fd1e39d2-YYZ
alt-svc
h3=":443"; ma=86400
expires
Tue, 07 Nov 2023 10:59:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/
265 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de3984198eb73078bb727320b1363493cdc3c1a74c10162e8182b344c5181ae0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:09:10 GMT
content-encoding
gzip
via
1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 21:46:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-P1
age
1948
x-amz-server-side-encryption
AES256
etag
W/"2b5c992b7f2fc9fad451b2c61f2e15f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
jbKWDhgzdx0KjIvr8stIwfK001hHS5g6a-SPSnpyL3L55Fpz1MJdIQ==
t_.htm
t.sharethis.com/a/ Frame 8704
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=securityaffairs.com&rnd=1699548097186
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.37 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Thu, 09 Nov 2023 16:41:37 GMT
Expires
Thu, 16 Nov 2023 16:41:37 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
collect
www.google-analytics.com/j/
1 B
92 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=274754688&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&ul=en-us&de=UTF-8&dt=Sumo%20Logic%20discloses%20security%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1686890542&gjid=14118376&cid=96333411.1699548097&tid=UA-59069958-1&_gid=1777139236.1699548098&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1701547892
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_.js
t.sharethis.com/1.1258.23364/a/CA/ Frame CC51
23 KB
10 KB
Script
General
Full URL
https://t.sharethis.com/1.1258.23364/a/CA/t_.js?cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.37 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f2fe09f3f40e8331e6d9c88cd25eef49a4aa94b2ec5dec4ac5893560dddc1ce
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:37 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9491
Expires
Thu, 16 Nov 2023 16:41:37 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4D1B
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1699548097&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699548097146&bpp=6&bdt=1046&idt=560&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5015548753147&frm=20&pv=2&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079347%2C44807460%2C31078297%2C44808149&oid=2&pvsid=3334696842036870&tmod=263354514&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=597
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nlsn
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=0a8bdb63816d824d9240fe8dd61ce4fb
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/nlsn?uid=0a8bdb63816d824d9240fe8dd61ce4fb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Thu, 09 Nov 2023 16:41:38 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=0a8bdb63816d824d9240fe8dd61ce4fb
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
lotame
sync.sharethis.com/int/ Frame CC51
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
  • https://sync.sharethis.com/int/lotame?uid=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/int/lotame?uid=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.sharethis.com/int/lotame?uid=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.40.0.220
content-length
0
expires
0
eyeota
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2MNXUYCfzH_FuQON2TXJkNZqCVgu2Wnjj8OIsUgXciBQ&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/eyeota?uid=2MNXUYCfzH_FuQON2TXJkNZqCVgu2Wnjj8OIsUgXciBQ&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2MNXUYCfzH_FuQON2TXJkNZqCVgu2Wnjj8OIsUgXciBQ&gdpr=0&gdpr_consent=
Date
Thu, 09 Nov 2023 16:41:38 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ttd
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/ttd?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:41:38 GMT
server
Kestrel
content-length
215
yahoo
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://sync.sharethis.com/yahoo?uid=y-VPPkNsZE2oOQ9gNzONTkYdZnNA10r9a7wEY-~A&gdpr=0
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/yahoo?uid=y-VPPkNsZE2oOQ9gNzONTkYdZnNA10r9a7wEY-~A&gdpr=0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/yahoo?uid=y-VPPkNsZE2oOQ9gNzONTkYdZnNA10r9a7wEY-~A&gdpr=0
date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csync.ashx
ml314.com/ Frame CC51
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639818809408749569
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzOTgxODgwOTQwODc0OTU2ORAAGg0Iwpe0qgYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=9d4b6434819abffc2748a08d3b7c3296e52105e9ceb5d1972a1fc73e8bedb241f4cb09cee1a4f8eb&person_id=3639818809408749569&eid=50082
43 B
125 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=9d4b6434819abffc2748a08d3b7c3296e52105e9ceb5d1972a1fc73e8bedb241f4cb09cee1a4f8eb&person_id=3639818809408749569&eid=50082
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 10 Nov 2023 16:41:38 GMT
date
Thu, 09 Nov 2023 16:41:38 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Thu, 09 Nov 2023 16:41:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=9d4b6434819abffc2748a08d3b7c3296e52105e9ceb5d1972a1fc73e8bedb241f4cb09cee1a4f8eb&person_id=3639818809408749569&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:51:26 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
28213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rgixuUWI0QbkncODLPb04kbCoGjovcjegiMZX-GMs4Wf4F5F8CT7Kw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/
426 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 13:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
11310
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 08 Nov 2024 13:33:07 GMT
9cf0c4f1-7630-476b-9141-f4472e005192
config.aps.amazon-adsystem.com/configs/
537 B
813 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-20.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
cde3f48a75106d9686698a27d3eca6389f4c42e14973866c72c474c1a36264f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:44:41 GMT
via
1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
3417
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
0CSTX88dORpjplnNTMxf91AQm2021wZYbeA_CsqWjS6x-CIrLfkriw==
config
c.amazon-adsystem.com/cdn/prod/
0
312 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 12:44:53 GMT
via
1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-P1
age
14205
x-cache
Hit from cloudfront
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
einz2bS4fQF--M_huat4Vi_hc1MBgqi-tRAD3lJwlE0DXDHZBhazDg==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231109
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
436463dbbd471e6aae3cc0faf1b1598e276a77c83f6e5fd862a716dd16bf4451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:41:38 GMT
x-content-type-options
nosniff
content-encoding
br
age
2449
x-jsd-version
1.0.1869
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
862
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4549-YYZ
x-jsd-version-type
version
etag
W/"639-bQtEViSL59r1RwOotntTrG9+TTQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
267179
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEYMUtqzGbhTOTqhdJN%2FNcs2rlV9f%2FajJBVRdDMTllpRtvaoqapUkVN3t5nFIBJe%2FS1Gl0WKrAGsA5i41bNjpYRLEz%2BeMwVsQutL9mncrrew%2BYG5NU1nYZF%2BWd6B8a8%2BmKoE%2BaJDen05yV4L"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8237811e2880a205-YYZ
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce797a4fa7542525b4f22a542a94d7eb34d6e483d4925d683aa90e2cabd0c288

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8237811e5a2e39d5-YYZ
expires
0
c
prebid.a-mo.net/a/
0
524 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/
13 KB
6 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0bdf3a60999ce2927ed5543844f805be077b9e5285426af28b6870a9dc05d6de

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
181 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
trinity.json
apex.go.sonobi.com/
4 KB
3 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22154e5e74a1f3aec%22%3A%22ab125220a3333b88e772%7C410x231%7Cf%3D0.01%2Cc%3Dv%2Cpm%3D6%2Cp%3D5%2Cpl%3D4%2C%22%2C%221614421a6650a01%22%3A%22f92c2d3e59016342889a%7C640x480%7Cf%3D0.01%2Cc%3Dv%2Cpm%3D6%2Cp%3D1%2C%22%2C%22173d88b4cf29ee%22%3A%22dc3fb521da1590cd931c%7C320x480%2C336x280%2C300x250%7Cf%3D0.01%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&s=805da58b-8d9c-461c-8576-c405008699e3&pv=eef28ff1-5fda-499f-9f9a-15042d4fe14b&vp=desktop&lib_name=prebid&lib_v=8.21.0&us=0&iqid=%7B%22pcid%22%3A%22ba35e5b5-8f8f-44ea-8a6e-dbab8e9080c8%22%2C%22pcidDate%22%3A1699548098051%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%229b986af9-730a-4820-ad0f-e9f4937d11cd%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html%22%2C%22name%22%3A%22securityaffairs.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%222108%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22securityaffairs.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aexuritywddwira_xon210..5489.7566%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a7797ba-b46b-4569-a7e3-bfe306d04619%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
77eea9d378711b5834e14117743befec7a3ac6e02781b9aaf7504a48fd6baccf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-192
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1327
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
useast.quantumdex.io/auction/
5 KB
3 KB
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399ef26c01aec105e836a6d797d372f5b13cb8ba4a1977459f8a8b8116db799e

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
cf-ray
8237811e0c7e36fa-YYZ
cdb
bidder.criteo.com/
0
197 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=69596767387&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/
6 KB
4 KB
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
aed64c99467b367b7e7b94255cfb72a051620288966bc22030cd6133f45e5060
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://securityaffairs.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
3690
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
prg-apac.smartadserver.com/prebid/
25 KB
8 KB
Fetch
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.32 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
8d03b926e6376a02553663daec84f0e32811039be2f53bc98fb3de2808956c18

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/
26 KB
8 KB
Fetch
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.32 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
90eb8bf0ddf7035f99dd4c35ed97ba872953b6db7445d71d830b2e0e7d68c4fa

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/
658 B
1 KB
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&pid=c8Y8lyLbIemrh&cb=0&ws=1600x1200&v=23.1027.1921&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
352b9369c700ae587aad2c081336efc0c7db3953b649ec45b33c9b51ee338f7c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
B3WTA2PRXD96ZW28C5DF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
658
x-amz-cf-id
czpYIJIGsZKaiZEOydPXDcuduMQnCtZ5MV9ALOBGpzv9OR_MKudhKQ==
cc.jpeg
px.vliplatform.com/bi-v4/
0
274 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNraUqABYy-ZyyB-PYeq-aZMy-tYeUyZqqwMTKRlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNqrquog,qdb,hxwdqzoe,hxwdqzoe,kzwigxlt,lgfgwo,jxqfzxdrtb,ekoztg,gftzquRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf8GL8k8q%2FFXX8g6N3ETSlotNT%2BDEeE4NjsN6gl8UTOzMFod2A3kS9vNhrq7I6ifm4yvBebCY%2BK0yUdEbxAlegKfRp9l7YZ1qJgSH3fxr%2B8Ndy9got%2Bbk4aQI7xWXNymZX5evjPGu6udtoSLKy%2B8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d8ca23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
272 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNyeZatArP-tAMA-PBTK-aqBY-ywZeMaeUaMByRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNqdb,hxwdqzoe,lgfgwo,ekoztg,gftzqu,ldqkzqrltkctkRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL3%2FUnkK8ITrtXgi8M9MesUrwTCAOXdIbS6d5VdPeB9XuyuBHzeRHaPuOuKGKWPkDCnGgF93g%2BCrTz3nHphPwILwJpr5A5Huzac6hjF%2BV%2BQhca7enHASy94lctKKXZbvSTwvhjKNAbavGn8CIuRdPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d98a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
522 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNtqrawtKr-TYAy-PeBY-wYqw-AKBrUaMqetKwRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNqdb,hxwdqzoe,lgfgwo,ekoztg,ldqkzqrltkctkRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urbbibelIthdaddbl6XXAtZRi4GEtRzymJt1AF55r8hLzdGtnamUe671Z5y13eiFiE7MAbizL20Rh6ORVWEImkfRPoTj0wyNVXWUT4hYFcsPtlv8khHr5s%2FfYAwEMpwCjkBcy%2FFsc6dQC0GhvgbpGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d94a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
274 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKYyetKYy-qMeU-PyZM-wyZM-ZyZrYBZrPeKaRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNTRmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B72t8R51L62x60C2Zsu%2BHhTKB0jXXEU3m03IN88P%2BWbGdFfdoZNYU%2BwodurqfeDc%2Fvuftc0f3d5yq3VLHwo4EvXX9Rw72B82gQIhyHyDPjy%2BDrJyVd0ChMgXAkVy2W7s45KnJBSHkFJKFL5e6MX6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d91a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
270 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBKtwTaTZ-AByT-PrUP-aqUK-rraKyrTqeYtMRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GechpDVcpFHnl2UaYqL7fkxtlt6VdI8VVU2if%2FzPyNBo4EfiP8iHzvgVbZci1N3Su%2FymUCNanuvkEl4dc9LNxHkSTz2sFxQpwMm%2BrjOxYk6RmceS6foHfIFGZ7glKbPVuSQKQZrw%2FjMQp2xt2qNMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d99a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f961ecb2eec971a2b316b2d6e5dc0d3d27a409eb4c6d20ade44bd903d4f5de0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8237811e5a2a39d5-YYZ
expires
0
c
prebid.a-mo.net/a/
0
378 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/
29 KB
15 KB
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
418cdd4ae88557c45df3fa520f11fac7d91e1ee7d111ad47fff8c2d97d33954b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://securityaffairs.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
14956
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
translator
hbopenbid.pubmatic.com/
13 KB
6 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
06432bf630b7801817ab09d5e1b106111033b8986a40fcf27451fad5485a3454

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
181 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/
0
197 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=8507214520&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
useast.quantumdex.io/auction/
0
268 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8237811e0c8036fa-YYZ
access-control-allow-methods
POST, GET
trinity.json
apex.go.sonobi.com/
4 KB
3 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2251b3ef63e0a192a%22%3A%22dc3fb521da1590cd931c%7C970x90%7Cf%3D0.01%2Cc%3Dd%2C%22%2C%2252469197cf2fb96%22%3A%22dc3fb521da1590cd931c%7C728x90%7Cf%3D0.01%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&s=69be395f-7da8-4883-9a8b-06abb385f1ff&pv=eef28ff1-5fda-499f-9f9a-15042d4fe14b&vp=desktop&lib_name=prebid&lib_v=8.21.0&us=0&iqid=%7B%22pcid%22%3A%22ba35e5b5-8f8f-44ea-8a6e-dbab8e9080c8%22%2C%22pcidDate%22%3A1699548098051%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%229480165a-51d3-45bc-b233-461ae84bf909%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html%22%2C%22name%22%3A%22securityaffairs.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%222108%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22securityaffairs.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aexuritywddwira_xon210..5489.7566%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a7797ba-b46b-4569-a7e3-bfe306d04619%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
82cda9d375de393cf6138b163a72943151eacac23c7dec144c9e659472bba4bd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1323
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/
956 B
1 KB
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&pid=c8Y8lyLbIemrh&cb=1&ws=1600x1200&v=23.1027.1921&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
fca22f2104f9fd007825c9c852814c8b66e55e85a7d6da32dcbb7510bc03770a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
11RPT9BQERKZMPJ0MJG8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
956
x-amz-cf-id
qr9Cia2nzCgSplCe5PxsvsdjCxBmu76f2S43B0VNYrVwHs6QWygNvw==
cc.jpeg
px.vliplatform.com/bi-v4/
0
270 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNAeqYweZK-artZ-PYyY-aMtA-yeMPMAYAZAtaRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNAR_yszuNyqsltRkjmNKYMbaARwlNqrquog,qdb,gftzqu,hxwdqzoe,hxwdqzoe,kzwigxlt,ekoztg,jxqfzxdrtb,lgfgwoRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUX9zUcAc%2BuX4xtUN7O9CKSS3JLEoiegLa6Okqg6C%2BhiTbIBs6q3QtFswuXpL%2FsUr5yi8Mp%2FCbRiU90EfAzz35aDT9VQijYF4sylzqiCaaQuaxr5Eaw7YSOxxH3EDISwoWlVvLF5S3tmcT3JZvMJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e2d9ba23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
513 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNZBAKaweT-ZqyK-PUBa-weBZ-YrqtqywUryUBRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNAR_yszuNyqsltRkjmNaKAbaARwlNqdb,hxwdqzoe,hxwdqzoe,kzwigxlt,jxqfzxdrtb,lgfgwoRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li2E%2Bqrxg5O9TvQ6Twwv%2FANOb8c94haQKMxhWuZdGKOoFhCfVsFBsrL5P9tfP8weB9oxeM3GjnM8H9E%2F3eN3%2F3ktrITXZ74e5tNP3B30a22oFQCarshJ4l1%2F2HdDQJ9GzrSuUzSALLpSBuve0wRIOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5ddda23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
268 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaZTtyMUM-TqKT-PeUB-wPBZ-eAZPwqqqwBwBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2msfWiAEn9fPBljRA66HNbVM8uARiiUxthaxl8xasoW%2FC5d2KtGPeAh3oim%2Bb8wmde3BYP4h%2BuKuhky5MlqiCSz1rAELC2csAARHy9oOZR7l5TrTnPD3bq1bQOg7%2FCNI8cnJx2%2Fg2c6dQq8wi2siw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5ddfa23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
272 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrZaeTaaw-aYtU-PYBK-qwya-qeAtKattPYKqRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMH9WfUl25zb%2BpslmMTSjVdjL5Wk%2FZwEyWhlCKdvrRtaruDwvh%2BkhOSYzTXmVMYXuLJwJ0JO9cZP8tGBVls9l5MW0x01pNluz5bf9dDKHWCST1L8hxtdq6VxuADzFfpMB9QTFUQvuiUv3%2BKmIcTQpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5de2a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
182 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/
0
133 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8237811e0c8336fa-YYZ
access-control-allow-methods
POST, GET
c
prebid.a-mo.net/a/
0
378 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/
0
197 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=48049308267&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/
46 KB
17 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
783f35c2b1ac01b2a32a98a360841cee70c76ec86c47f22c6d5fdcaa360ef440

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
trinity.json
apex.go.sonobi.com/
4 KB
3 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22689089adbb62c5e%22%3A%22dc3fb521da1590cd931c%7C970x90%2C728x90%2C468x60%7Cf%3D0.01%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&s=360642dd-ea3c-426d-8749-8e792e72adc4&pv=eef28ff1-5fda-499f-9f9a-15042d4fe14b&vp=desktop&lib_name=prebid&lib_v=8.21.0&us=0&iqid=%7B%22pcid%22%3A%22ba35e5b5-8f8f-44ea-8a6e-dbab8e9080c8%22%2C%22pcidDate%22%3A1699548098051%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2262380c2c-c420-4b6b-a0fa-0d716d228842%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html%22%2C%22name%22%3A%22securityaffairs.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%222108%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22securityaffairs.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aexuritywddwira_xon210..5489.7566%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a7797ba-b46b-4569-a7e3-bfe306d04619%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b8dab6497c8b15214b042ad2ca73c722079a9e1f189966b3467c7ed674331638
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1302
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/
29 KB
15 KB
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
afc754208eeb712d84ac4bd5b32c23883381af41af813e070c44c10a04866b0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://securityaffairs.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
14910
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid
aax.amazon-adsystem.com/e/dtb/
651 B
1 KB
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&pid=c8Y8lyLbIemrh&cb=2&ws=1600x1200&v=23.1027.1921&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493111310_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A111310%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
6df687eb3c87cc8b5709a60c000210162205f02fd66f2e7a1c8a49dd010d027e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
XRNS6GX1GD18QH9YMZZS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
651
x-amz-cf-id
tl2yEcPe4yDNZN0VUYrzdwkWoZ8uHx778T6JZgf9YlDulSu9kyZr4g==
cc.jpeg
px.vliplatform.com/bi-v4/
0
270 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTTTBTARzdNMAMtZAyt-rPKK-PArt-wAYM-PPMBaAeUAMTZRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTTTBTA_TRwkjNAR_yszuNyqsltRkjmNaKAbaA,KYMbaA,PUMbUARwlNkzwigxlt,jxqfzxdrtb,qdb,ekoztg,ekoztg,ekoztg,hxwdqzoe,hxwdqzoe,hxwdqzoe,lgfgwo,gftzquRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5drOn0hWCZygrjVMvyyir5pl3e2O8L8vgq5henr7DZPUlmJmSZcBWNvNLo2TqRiRn5yK66SQbGWHjzL8690%2B2dfAVQbcHLmxUgBFm1m%2FvYlK%2FQnQl3zWj%2B8boZYMp8hk6ibr50OvW0pLMxzO0ewAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5de4a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
272 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPeayawqe-wtKe-PqKU-MZYw-KAPTtaUwUTPwRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNTTTBTARleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5ir6C5pRhXRQZggSkK%2Bbohsge2MsBBZQnmAImCYgOf%2FINC0Yl0xN5ATAdZ2pVD8W%2FYuVpAJ%2FiPSxZ0rs433drZU7Qca7Tb6SzRrRdwfWVBLFZbFgeiqvpBMBhiMXEiwVHO5oDm%2BM7QDtWsmMeYVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5de8a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
c
prebid.a-mo.net/a/
0
376 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/
847 B
621 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76154a54df9f1093c675efd448ba0c9ee749a6971beab0ea419a167334dc3b0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
cf-ray
8237811e0c8636fa-YYZ
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
181 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/
13 KB
6 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
690ea7cdc7a9970cb68aea03232c0a041c628925476db63e5b47065eca357d67

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
trinity.json
apex.go.sonobi.com/
4 KB
3 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22835673f8e40bd7c%22%3A%22dc3fb521da1590cd931c%7C300x250%2C250x250%2C200x200%2C180x150%7Cf%3D0.01%2Cc%3Dd%2C%22%2C%22841dc145b3c8cd%22%3A%22ab125220a3333b88e772%7C300x168%7Cf%3D0.01%2Cc%3Dv%2Cpm%3D6%2Cp%3D5%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&s=ecbd1a99-d8dd-4e8d-a5ed-092336bc82f7&pv=eef28ff1-5fda-499f-9f9a-15042d4fe14b&vp=desktop&lib_name=prebid&lib_v=8.21.0&us=0&iqid=%7B%22pcid%22%3A%22ba35e5b5-8f8f-44ea-8a6e-dbab8e9080c8%22%2C%22pcidDate%22%3A1699548098051%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%224fa6d544-0d78-4875-af0c-4c7d7ab85e70%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html%22%2C%22name%22%3A%22securityaffairs.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%222108%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22securityaffairs.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aexuritywddwira_xon210..5489.7566%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a7797ba-b46b-4569-a7e3-bfe306d04619%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d78a05eb991d8d3d61d46ea6963ee77552ef44ed135262e1eb676dc5619311f2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1323
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
prg-apac.smartadserver.com/prebid/
25 KB
8 KB
Fetch
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.32 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
d188d819ad4f088a4ee6a98034deb638afdb1cbd32c590ba60ffacbd3f1c9da4

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/
0
198 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=68580386044&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/
20 KB
14 KB
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
1fdcf21a67dced7ef7487458ac3c2e43361f52074b73d0170de7b33e96d0aa2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://securityaffairs.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
14100
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid
aax.amazon-adsystem.com/e/dtb/
652 B
1 KB
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&pid=c8Y8lyLbIemrh&cb=3&ws=1600x1200&v=23.1027.1921&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
1e5bc4f463c4912130df98b2da27b5bcc9354266bb244f1dd1e14ecba6fd4061
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
AWSTDSKSV59SCXH4TZR8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
652
x-amz-cf-id
tbf36w71bSLiOafYyqrVE7YzpKeThV0dkOy61U5nVsCHNdyKGUldKQ==
cc.jpeg
px.vliplatform.com/bi-v4/
0
273 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNTTtqtAZe-AtTP-PAwZ-qKrr-ZKyKrPUeaaZMRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRwkjNAR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNqdb,jxqfzxdrtb,kzwigxlt,hxwdqzoe,hxwdqzoe,lgfgwo,ekoztg,gftzquRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdNBu6zmYbCPex35vb6BvTr%2FKYVog0AfdXfnsaCUMeOc%2BAC1UzTkUkKYemLknZJqtdFqSrKgcXs%2FoV9DTjY3voDX7QhanJijOx1Ka85vs3BbZWfbvXnIoZna8XFZo3ij6gL63%2F2Ro%2BgHhB7gY6bR%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5deaa23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
273 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNBtZePePq-TeTw-PeZq-aUae-BPZAeZKTMAAqRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNqdb,jxqfzxdrtb,lgfgwo,ldqkzqrltkctk,ekoztgRleNpl
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDirQkHU%2FMtPJMnioZ%2FUVl2CXhHVp8myObpKfO66pBCQ%2Bcf4rvSuoMNp36R2pkGbJM4ZQfR3z89JFHcNY%2BcJPKKoocEELRoJzhK88zr8Pk9AG37g267R8c32yw5AWOFG%2F2Mc%2BfDWQBdPl3zqE0x1HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5deea23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
274 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBYMAYBeY-yMZA-PqBe-wwPB-PwaPPqwAwyTqRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNTRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgKg4%2FXIrQKYAZVCl1XF24u7%2FcbzvqlT0CTxlzHy%2B7uDe7ARhXE15Vvla%2FJ0aw3Oywrg9rdhE0oTWYdYqadqt20OkI4Pk5v7GJ4AvOBl4WmfDF6AW4I8wcEXyH472QyquqPFZs%2F4gFYloVAp5mKvrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237811e5defa23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
script.js
cadmus.script.ac/dahhc4ozyvjm6/
132 KB
47 KB
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca29c281587b553a19f8e2c476d7fb0ef4efa0371660ec11e547235eeecf382

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 14:49:30 GMT
server
cloudflare
age
0
etag
W/"9aa3ab78c5fed3ac89859319822371a2f04b1965"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8237811fa957a211-YYZ
adagio.js
script.4dex.io/
77 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
267052
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8aXSsZc9yrTlaBchVm%2F2mO7UbRFNWTE613iiMyC%2B9hCKXC9sJNQgE0LKy7FyIApz4YSzgNBLgyhvKDGGoaNqUkeYE2jD5UqIabMp2ZPLZ0NjYrXkaeqWD7brejQqKogSR1T2i%2F87WkGdk%2BG"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8237811f9eba5485-YYZ
iu3
s.amazon-adsystem.com/ Frame 4FBA
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
363 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
69024c46d5c8b012a8a8dfb35945a33747ac54b12d49f531cd2d52a7025a7a77
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
363
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 09 Nov 2023 16:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M6JF7RQ5KC1WHQKYHEXV

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K3HBGXZ254WW2K57EY9C
/
onetag-sys.com/usync/ Frame C239
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
6e94d2459be6f951472bf793630073b785731963f0800d67c030f090ba325fe8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1411
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:41:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 09 Nov 2023 16:41:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 09 Nov 2023 16:41:38 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/
0
105 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache
pbc.vliplatform.com/
63 B
425 B
Fetch
General
Full URL
https://pbc.vliplatform.com/cache
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b5a3208f1504b0e433d87316889116b58a7336d8198afe8268e1073b93d7a6

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:41:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Hv0DxnCWFM%2BgUG8u2RkJYBq%2BUvNRedmaaoBEF4riqSCAb8hX8bQAfY8f6qkc2dI7Q8%2BtTNz9aYBllz9GY%2B6g8nY8zMM7xTJUQxEOP3ksc9KG%2BvCqqiysFn%2FhRCDbRcEpa0sjacmog2IP%2Fswl6HVyVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
cf-ray
82378120794da23a-YYZ
alt-svc
h3=":443"; ma=86400
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 09 Nov 2023 16:41:38 GMT
Server
MT3 1075 283b7e3 master ord ord-pixel-x56 config_version:"455"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 09 Nov 2023 16:41:37 GMT
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LORF225Y-A-HXS7&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LORF225Y-A-HXS7&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LORF225Y-A-HXS7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
an-x-request-uuid
645740aa-47a7-4c9a-97a3-0fd879f575ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699548099051009-273
tap.php
pixel.rubiconproject.com/ Frame C239
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Iy7QIqrLgrVPv1XHZoKqOlFFRRslbHeJx5QjXfDj_SA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C239
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi7T18FbT_8EHA1mjkbDDeRl73rhbILRaTw
170 B
244 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi7T18FbT_8EHA1mjkbDDeRl73rhbILRaTw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi7T18FbT_8EHA1mjkbDDeRl73rhbILRaTw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
date
Thu, 09 Nov 2023 16:41:38 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C239
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R6NPPZ577DAGYBKNJYWH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhDMEU5NDUtMzVGNC00MDdFLTg0QzQtQjAzQzAzMjBCMEM2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
date
Thu, 09 Nov 2023 16:41:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGRnALehH-dT7L_9q3qe3lo&google_cver=1
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGRnALehH-dT7L_9q3qe3lo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGRnALehH-dT7L_9q3qe3lo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
date
Thu, 09 Nov 2023 16:41:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:41:38 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame C239
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&google_hm=Y2UzOTg4ZTYtNTIxYy00ZTlhLTg4ZTUtYmIzOWZiMDFkYTBi
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFBCLp9uNt9Bx70uiAfhk-g&google_cver=1&ssp=onetag&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 09 Nov 2023 16:41:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
u.4dex.io/ Frame C239
0
710 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=onetag&uid=Iy7QIqrLgrVPv1XHZoKqOlFFRRslbHeJx5QjXfDj_SA&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:38 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
cc.jpeg
px.vliplatform.com/br-v4/
0
319 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMAqTqrya-yeaw-PqAY-qrUY-wryeKPqwKyYZRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTTTBTA_TRysggkNAGATRwkNqdqmgf|AGAB|KYMbaA|wqfftk|A|,gftzqu|AGTKTAUYAUZUPaaaaaM|KYMbaA|wqfftk|BAa|,hxwdqzoe|AGTTT|KYMbaA|wqfftk|PZA|,hxwdqzoe|AGTTT|KYMbaA|wqfftk|PZT|,hxwdqzoe|AGTUYM|KYMbaA|wqfftk|PZT|RmNTTTBTARleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnCZ5d4XDi35UV0dPB%2BVF7qW2U8v3rEsYZkHKEwik9w%2BMmH%2F9U0HJyGsnnWGfISTqpi5k1DuJmZA608e1kmJeazQPYO%2F5zahYrojRGGDtYjQtmNcEDoO0m26Wpf1XdOOikN26PqxhC0KTybpHFRpww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378122bcb7a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
356 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeBwweBZT-rwAA-PtUZ-qMMZ-UBPKtwTtYTZTRlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRysggkNAGATRwkNqdqmgf|AGAB|BBUbYMA|wqfftk|A|,gftzqu|AGAKYBYUaaZTYZ|BAAbYZA|wqfftk|YMM|,hxwdqzoe|AGZYZP|BAAbYZA|wqfftk|PUT|,jxqfzxdrtb|AGAAM|BAAbYZA|wqfftk|ZKK|RmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0YznBAqOnXObDQlGpZ99Uksg9tLyWrGcGCR32a43Pu4o%2Fbuj3YDjBVsgSWH6ElEJPOHy0V94Zix%2BOMSJBRi1BGNJ%2BsSP9i9g6J3qJyhglgZLRiG7aOFUKj0DpN4im%2FqDz90R%2FDAIqfJv9bKDnnlLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378122ecfba23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
272 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTKeYYTrM-Yery-PaYe-MKry-yrBABMaeAtArRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRysggkNAGATRwkNldqkzqrltkctk|AGYTMATKBUUaMTZAAAK|PTAbYBT|cortg%20gxzlzktqd|ZPK|RmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RZwjzyLUi4tY%2BRmdk2yVri5BWTBsFH7Bgp1ZgBA5L6gGBNf6hFcT0B0%2BNDUBn8pREmM%2BleolHKo3usb7pVYFHHO8w8Z112wKjfS4MCIKy0leJEWZ%2B4tWOdKL2rRnS2jcxguUqe7UhUe%2FwSTELqXlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378122ecffa23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
277 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrPeTMBaw-PBKT-PYwB-weeZ-rYeTqYYtPUttRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRysggkNAGATRwkNldqkzqrltkctk|AGBZYUAUMYUYBPKAATB|UPAbPMA|cortg%20oflzktqd|ZPZ|RmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6FAiqL8Gnx7GPj6phr3JDeM3%2Bnh9k57%2Bt%2BVZ9wvI4j5qCux5%2BiXrHg3CFthcDpQgILO2TJ4kACkeON%2BjG1EuPYUjYwbXbl42UXs0%2FjKxuq5Vm%2F2w4SfYI74ZI8ArvWCV7r%2BfIWF0DPVmxcV0zRs7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378122ed01a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/
221 KB
63 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3334696842036870&correlator=1405802903850458&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22655399017%2Csecurityaffairs.com_vli109421&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699548099015&lmt=1699548099&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=true&dlt=1699548096101&idt=2103&prev_scp=vli_adslot%3D109421%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_slot%3Dvi_24493109421_banner%26pw_tagid%3D109421%26pw_network%3Dtrue%26hb_bidder%3Dpubmatic%26pw_pb%3D0.59%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dsecurityaffairs.com%26real_cpm%3D0.5254&cust_params=hb_domain%3Dsecurityaffairs.com&adks=4164568994&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d566d8859292199d29f9369e2ac1409a3f2b098c4819ecac9b237418273ac9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64416
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/
0
368 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqyUwqZaA-KAYq-PYqa-MYBU-eTtqyBTtyyBeRdzNwqfftkRwlNcso_YKRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE48u9qRnWTLnc5W7Pk8UdrY9E2M7sIKsYWpXNI4cSr4ZGNp8H6LEvfu3IQaVNAVFbXMLn17rzlDzD6Z81tk0sTCQDhlDppUI7X1mzLEGLSCvbpQ8qb7YovCbtZlVZ0POm32HO6SmImQ2CT11HH0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781230d20a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6F8
6 KB
3 KB
Document
General
Full URL
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
Fri, 08 Nov 2024 16:41:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/
39 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 06:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
36287
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13760
x-xss-protection
0
server
cafe
etag
8051071232551270508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 08 Nov 2024 06:36:52 GMT
ads
securepubads.g.doubleclick.net/gampad/
164 KB
57 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3334696842036870&correlator=1880558302813336&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22655399017%2Csecurityaffairs.com_vli111310&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699548099057&lmt=1699548099&adxs=315&adys=378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=true&dlt=1699548096101&idt=2103&prev_scp=vli_adslot%3D111310%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26pw_tagid%3D111310%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Donetag%26hb_adid%3D93c7997fbad6d7f%26pw_pb%3D0.19%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dsecurityaffairs.com%26real_cpm%3D0.17106206564999998&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3444978212&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54328a37847f1728addd7b88ac447f87744d7c39b16c018d92558385ab5ae31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58467
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/
0
279 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZeqywYqT-MaYM-PTyK-qKrA-qPeerwYYKTYyRdzNwqfftkRwlNcso_YKRkjmNaKAbaA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNTTTBTARleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y92Nx5IIfua%2Fo5xI9XmwH%2BZFE7kPxMGPf8Z%2BtfB%2BLkIV6yupvh3W0z%2FyoL7TwOPlI8vx7fM1uwqii8kJ%2FDU%2F5iJr7D9YrYYJmDwg4LTgP5xCF4rI7yfcB0g5A3t8SxZQz79%2F%2FkxxeGscb7nBL9GFuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781234d99a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
265 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUTaUtUTP-wTty-PMZP-MTyA-qUTeYrZYrYZZRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRysggkNAGATRwkNqdqmgf|AGAY|BAAbYZA|wqfftk|A|,gftzqu|AGYKZYaMMTMZPaaaaaP|BAAbYZA|wqfftk|YaB|,hxwdqzoe|AGTTT|BAAbYZA|wqfftk|BKB|RmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FHBRrtqnLaXdZMrk71BCfEgoYOsp7aYNXQuDtxOFhGFnDuHA2ZtoF4YqFs7y7NWgtqqfIw7zEjBgF55Hivm2pJARO9y1txDENqcz44HqVZMw47jEbEdM7dwy9F4Vfdl1Dlgkb8VGlWcA7WsjjCOWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781235dbea23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
278 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKZaUAqBt-eKPB-PqMM-qZPY-rPAByaMUeAATRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRysggkNAGATRwkNjxqfzxdrtb|AGZ|BAAbTUM|cortg%20gxzlzktqd|BAM|,ldqkzqrltkctk|AGPTaTPTPUZMZTYAATU|BAAbTUM|cortg%20gxzlzktqd|PUY|RmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvS%2ByZ%2BVW%2BNpG7eLxmBH6EaLRIpNp7HGuITeCISXX30bpe3jOLp5P1CGK0SLafBRC6A6kyF6Mv66SiaECb7%2F5kPR2ry48xtx%2BYrEHeuWiZcBqoJpXaAqPyJ9UYxTZ%2FNCMxgaz6SjfHy4GRfzsj6%2F%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781236dd9a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
271 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPPqABMMq-tZwU-PAqa-qrUe-MAAZqAMTayyYRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRysggkNAGATRwkNqdqmgf|AGAY|KYMbaA|wqfftk|A|,gftzqu|AGTAYUMKMPKTaaaaaaK|KYMbaA|wqfftk|BUT|,hxwdqzoe|AGTTT|KYMbaA|wqfftk|PZZ|RmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqidv88zBvCvzgF4cbcKI7hoUEf45LKktT%2BTgfoQBw8WwoQ4GMtyeST5qV3XgMHYTpffBX%2B%2FRTtdeRmtqGnf161EVMYDqh%2BB7KIgKTIgC6n5QDjTftXBG6J1uhDnrpFH7C3cmfA5KRtlmmkFI6iM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781236ddca23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/
0
320 B
Image
General
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwMTBttBB-yPPK-PUwt-qwwr-ArTyPMrqPZwqRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRysggkNAGATRwkNqdqmgf|AGAB|aKAbaA|wqfftk|A|RmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ9kNhKMsuXA0bHZRdbC8t1Hv9eFW5kljvKQp3WbRWhx2tLWgxDYAfeWTS6ToYYaM%2FmvRVXCwYTIiRFj2H%2BvKzMvK9W%2B%2F8ByyFBwPVphzpaPcVKa2rnc0VKNC8rWIL7hfIZviIS2zI0e1GPnIxeGIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781236ddfa23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
pr
s.amazon-adsystem.com/v3/ Frame AC87
2 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
54b94dcf559ae6da241255092aa5ddae9936c295f97935efa2578f7483b7fa9c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2527
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WJ39S46MQPTC61M1NM5R
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:41:39 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3334696842036870&correlator=2602200915906095&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22655399017%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=4&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699548099088&lmt=1699548099&adxs=405&adys=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=true&dlt=1699548096101&idt=2103&prev_scp=vli_adslot%3D107667%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D168%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dquantumdex%26pw_pb%3D0.60%26hb_size%3D300x168%26hb_source%3Dclient%26hb_format%3Dvideo%26hb_domain%3Dsecurityaffairs.com%26hb_cache_host%3Dpbc.vliplatform.com%26real_cpm%3D0.5%26special_bid%3Dtrue&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3211921739&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68454b324cafc601e82a8a42fa2a946886690be81d0cf2de83612a7f6b376ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12453
x-xss-protection
0
google-lineitem-id
5895501249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378800477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/
0
272 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyKKTwAtP-TaPe-PatM-awAa-wrtYTaBywUPTRdzNwqfftkRwlNcso_YKRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeFLf22ATxtGFPXP0aQQ9qFNa3PLRCJ%2Fcewrcb25qO%2FvpbF664cqUsuEp5TfQuNzon4MUwjtwqdiTwCuHtcnyavV2YvTCszhpj%2FI3cBVBrPKAbiG8sEJrz%2BCJeV6XY9nK%2BpKsP4AqV4%2FyodPcAHtwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781236de1a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3334696842036870&correlator=3246620738640451&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22655399017%2Csecurityaffairs.com_vli108383&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699548099109&lmt=1699548099&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=true&dlt=1699548096101&idt=2103&prev_scp=vli_adslot%3D108383%26vli_acc%3Dvli_27%26vli_adtype%3Ddisplay%26hb_width%3D90%26hb_height%3D90%26pw_tagid%3D108383%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dpubmatic%26hb_adid%3D994a5196d866713%26pw_pb%3D0.12%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dsecurityaffairs.com%26real_cpm%3D0.111&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2122448310&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d9347073466eb1f2160421a0b775742abef5b7910208a2cd25e5ca26251fd0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12446
x-xss-protection
0
google-lineitem-id
5895501072
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378800483
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/
0
271 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPPUTrMZT-YByZ-PeUU-MZZY-aqKKPAawyyZrRdzNwqfftkRwlNcso_YKRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQa0612dSiYMxQ6bLmc2qMetcSLCIUi03WWHEe0NC%2BgPhj7efVg8eVJmJMwLJV9%2B%2BnGEoOuvJz6SN4Db9zBX5V5f0vlaUsHou%2FbMkHzPzBMKuI7cjcW2U890QbvHSO3C8yvLs8STdUC%2FcDaxu8g4ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781238e06a23a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ee30eb1cd0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ee30eb1cd0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DPRWAA0RDSWP7NTE22JS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:16 GMT
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
23
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ee30eb1cd0
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
0qhw1h6f_vMKsikPp1h-3j9yfdY3db3xqGUdjHyKWUouifSHinfqsg==
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZN78TAK4BR4BCFNEWH2T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Date
Thu, 09 Nov 2023 16:41:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TX163KX3QMJKTQ6RCB95
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e
date
Thu, 09 Nov 2023 16:41:39 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=D49FE6139CB34124B84DD67D7B3FB79B&ex=simpli.fi&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=D49FE6139CB34124B84DD67D7B3FB79B&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NWVGAY10AMQ08Q409EV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=D49FE6139CB34124B84DD67D7B3FB79B&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 Nov 2023 16:41:39 GMT
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=4df39c491145063d28hxwf00lorf22bg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=4df39c491145063d28hxwf00lorf22bg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B4MJW92RKE25D8KNJKXC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:39 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=4df39c491145063d28hxwf00lorf22bg
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame AC87
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAEZk07KmhgAABRwTZiIEg&ex=beeswax.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAEZk07KmhgAABRwTZiIEg&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R5EM8RKNFX0TY3JWJCKH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAEZk07KmhgAABRwTZiIEg&ex=beeswax.com
Date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame AC87
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://sync.outbrain.com/sync-external?uid=i2bMDCOzHBwHsbVY-aO-&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F...
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPM...
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RC...
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
42 B
805 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=15268&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLJGJRE2RCDJ55EQQTXJBZWEVSZFVQU6LI&p=15268&obUid=esok09tZhD1sGyS8fMqFhTUqkgsmaKfuQD8atTjbkHuVRXy8dEvxmSH4QrS-K0v6&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Date
Thu, 09 Nov 2023 16:41:40 GMT
Cache-Control
no-cache
X-TraceId
9394be998e94ebe1d563dea6812ff5c7
Content-Length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 032F
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55860
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 2160
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1652812984930789700&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1652812984930789700&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KFZXQ5BK9N4GTSMJF0CW

Redirect headers

content-length
0
date
Thu, 09 Nov 2023 16:41:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1652812984930789700&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 7572
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3b67c0e70390154c&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHkPcm_Xh5DQM5kAkvAAAAAAA&expiration=1699634499&is_secure=true
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHkPcm_Xh5DQM5kAkvAAAAAAA&expiration=1699634499&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6GKKRP5XZ487RR6VJ9R7

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHkPcm_Xh5DQM5kAkvAAAAAAA&expiration=1699634499&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
amazon
ce.lijit.com/beacon/ Frame 33B9
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
5c364884e4f1d29b983e0eaa250ea2f9bc04cb973d2fa20fc5dfb62e443f184b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
558
Content-Type
text/html
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
ecm3
s.amazon-adsystem.com/ Frame 488B
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2572705412202874115175
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2572705412202874115175
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-LoopMe_pm-db5_n-simpli.fi_n-baidu_n-Beeswax_smrt_cnv_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
97FT7M73BPX6JG7N4ZWN

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 09 Nov 2023 16:41:39 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2572705412202874115175
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame E6EC
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa3cb2957b9d1c2b14e59e469424e4ebaa8f8cc5b49c309f2f01b7f9f56d941b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 07:57:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54963
Connection
keep-alive
Content-Length
13281
Expires
Fri, 10 Nov 2023 07:57:42 GMT
khaos.json
token.rubiconproject.com/ Frame E6EC
7 B
860 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 032F
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37510139&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
65f1cb67c7dfc1d8273284b05040e330efa7769fd6bbcfd5e6c076ef52e7b53d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 09 Nov 2023 16:41:38 GMT
content-length
1731
content-type
text/html; charset=UTF-8
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:41:39 GMT
container.html
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAD6
0
0

bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 9840
754 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:35:07 GMT
expires
Thu, 07 Nov 2024 16:35:07 GMT
last-modified
Thu, 02 Nov 2023 19:38:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 16:41:39 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1DD8
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 09 Nov 2023 17:32:46 GMT
cc.jpeg
px.vliplatform.com/bw-v4/
0
536 B
Image
General
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeqewYqAZ-qwUt-PYaY-aePt-aUeaUaeaZYyqRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRwNjxqfzxdrtbRhNAGZRlmNBAAbTUMRdzNcortg%20gxzlzktqdRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOT8dUjM%2FXtTHV%2BBU0m%2FBWnlCWcKuAs1%2FA7XeHweZFRo7rpba572cTGzogSPuMARzjNMbdJofDlJqI8mw4f8oeQlyu1cJ5CTj5J3AMDKKi5vLQ4jle45uFTGxWCbHNE4kj8j15bIoTtJZCG4Vydg6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781263935711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
vi1.mp4
assets.vlitag.com/plugins/vlPlayer/static/
263 KB
0
Media
General
Full URL
https://assets.vlitag.com/plugins/vlPlayer/static/vi1.mp4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Sep 2021 07:39:40 GMT
server
cloudflare
age
35261
etag
"613868bc-41c2f"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-269358/269359
cache-control
max-age=16070400
cf-ray
823781264d6639d2-YYZ
alt-svc
h3=":443"; ma=86400
Content-Length
269359
expires
Wed, 08 Nov 2023 06:49:51 GMT
setuid
u.4dex.io/ Frame E6EC
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LORF21YV-1G-7I30
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84c4202fed6248b1767e8f951a1c3654
Expires
0
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1699548099924
  • https://ad.turn.com/r/cs?pid=45&rndcb=6034495754
  • https://sync.1rx.io/usersync/turn/2513037740847063967?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Date
Thu, 09 Nov 2023 16:41:41 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX10ee9d11923d437482cba9de0ccf37c2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
/
onetag-sys.com/usync/ Frame A260
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e7ebfe979a1dafb0e13d32a6f9b1edc7a4739f393a66b63eb381a09109fc4373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1274
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ecm3
s.amazon-adsystem.com/ Frame A260
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zPYvhfCNwmFd7YYoylXFKG3l2nXvoZBgm2uk3g0SLaw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zPYvhfCNwmFd7YYoylXFKG3l2nXvoZBgm2uk3g0SLaw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2KDE2QQW7K03PW0MDQJK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zPYvhfCNwmFd7YYoylXFKG3l2nXvoZBgm2uk3g0SLaw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LORF21YV-1G-7I30&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LORF21YV-1G-7I30&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LORF21YV-1G-7I30&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
an-x-request-uuid
e31496bb-a3dc-4d00-a5ee-fb5a92e4eae0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699548099639020-1192
tap.php
pixel.rubiconproject.com/ Frame A260
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1652812984930789700
date
Thu, 09 Nov 2023 16:41:39 GMT
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame A260
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUymJQU746oAD7lmsrnmfA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
0
129 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:34:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A260
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d389a46b-20c1-48eb-a0d8-84e096eb65fb&ssp=onetag&gdpr=0
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 09 Nov 2023 16:41:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
u.4dex.io/ Frame A260
0
596 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=onetag&uid=vS1UrklXqmjTrkaoFk7e3U1l1i1H1fUKq0DTCjLvVrg&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?attrep=f&attua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&atthead=t&attinj=t&attexp=none&lid=169&sdkv=h.3.600.0&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=&expires=30
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=&expires=30
date
Thu, 09 Nov 2023 16:41:39 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dUNktMYxWersky7jiUySY8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.N2s4lE2oKAyN63S5h29e7H6KO3FAYlEYl1CA--~A
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.N2s4lE2oKAyN63S5h29e7H6KO3FAYlEYl1CA--~A
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.N2s4lE2oKAyN63S5h29e7H6KO3FAYlEYl1CA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E6EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u9IsAgEPR_iuSNnBfdjnjA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u9IsAgEPR_iuSNnBfdjnjA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u9IsAgEPR_iuSNnBfdjnjA
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BWH736783J7YWVJE621B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u9IsAgEPR_iuSNnBfdjnjA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame E6EC
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PD25N42BBPTG6BQYXAR6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E6EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1ODgyMzJjZDQ0MTRkNzNiOTk0ZDg5YjRjYjkzNWJiOTExZjQ2OA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1ODgyMzJjZDQ0MTRkNzNiOTk0ZDg5YjRjYjkzNWJiOTExZjQ2OA
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1ODgyMzJjZDQ0MTRkNzNiOTk0ZDg5YjRjYjkzNWJiOTExZjQ2OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFGrSTBUkD4uASaoMzMj2_M&google_cver=1
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFGrSTBUkD4uASaoMzMj2_M&google_cver=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFGrSTBUkD4uASaoMzMj2_M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E6EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9SRjIxWVYtMUctN0kzMA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNTc0Lg5FZcewYMyqG_Vpo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRjIxWVYtMUctN0kzMA==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRjIxWVYtMUctN0kzMA==&google_push=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRjIxWVYtMUctN0kzMA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
setuid
px.ads.linkedin.com/ Frame E6EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORF21YV-1G-7I30
0
515 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 69A8A877091C4704ABF153C604701F51 Ref B: YTO01EDGE0416 Ref C: 2023-11-09T16:41:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJuuDN4o/u1phFejoUlw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORF21YV-1G-7I30
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEZk07KmhgAABRwTZiIEg&expires=30
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEZk07KmhgAABRwTZiIEg&expires=30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEZk07KmhgAABRwTZiIEg&expires=30
Date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame E6EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORF21YV-1G-7I30
68 B
281 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
34.195.47.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-47-71.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
setuid
ib.adnxs.com/prebid/ Frame E6EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
an-x-request-uuid
1ec53946-de7b-42be-a66a-ca654e6b5fd6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame E6EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORF21YV-1G-7I30
95 B
437 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORF21YV-1G-7I30
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame E6EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LORF21YV-1G-7I30
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E6EC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5e872b9c-c8d1-475f-a771-4666c6760cd7&expires=30
42 B
773 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5e872b9c-c8d1-475f-a771-4666c6760cd7&expires=30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5e872b9c-c8d1-475f-a771-4666c6760cd7&expires=30
Date
Thu, 09 Nov 2023 16:41:40 GMT
Connection
keep-alive
X-CI-RTID
ecad30ed-d191-47c6-a779-29c15f01cfbe
Content-Length
144
Content-Type
text/html; charset=utf-8
magnite
prebid.a-mo.net/setuid/ Frame E6EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LORF21YV-1G-7I30
0
148 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LORF21YV-1G-7I30
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame E6EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LORF21YV-1G-7I30
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30&ckls=true&ci=teeZip6z5J&nc=false&trid=1620051571
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30&ckls=true&ci=teeZip6z5J&nc=false&trid=1620051571
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
18.67.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-120.iad89.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
X740C2h41JVCh1rMkBNPmMCzLR5nHkJVtfPvLlJQpAmgOItNsy4FIA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORF21YV-1G-7I30&ckls=true&ci=teeZip6z5J&nc=false&trid=1620051571
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
qZJuzhowY-dyEfcgYqmG802K3sZqbNsm8FR4UmrulebEopLztBDgwQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0488
6 KB
3 KB
Document
General
Full URL
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
Fri, 08 Nov 2024 16:41:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/
0
498 B
Image
General
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyqrAreZK-Ptae-PYUP-MrqT-aPYKPrZUatAqRqxeNRwNcso_YKRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNyqsltRmNTTTBTARleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imn11zJFRQzT2BjwNuRYvPO3vN7aAvJsQaXo%2F3idCSR40f1IYpebcP1Rqn6my0OzMx1LgfNfSc5iCld0uHlaSY3Limh2Up0pQsm1gsiAXaiPugmPd8fFnXB2RpQj3v5mr%2F%2BmCUzrzok%2FFvEoJ450xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781277bc7711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.600.0&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type&ctv=0&lid=6&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9840
0
225 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lorf22jf&c=5015548753147&slotId=2507774376573.5&eee=missing-element&bi=missing-id&faa=1&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.8510648130078697&time=1699548099762&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4607
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4N5RYSAV8EGCKA21577G
ecm3
s.amazon-adsystem.com/ Frame 4CC9
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AZFAFH1B2G43AJJ7EVY2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 032F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KMDpRTX0QH6ExLA8AyCwxg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55860
accept-ranges
bytes
content-length
5636
expires
Fri, 10 Nov 2023 08:12:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 032F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28C0E945-35F4-407E-84C4-B03C0320B0C6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28C0E945-35F4-407E-84C4-B03C0320B0C6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0633bcd8-fc67-447d-af38-f03f3b151a77&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0633bcd8-fc67-447d-af38-f03f3b151a77&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0633bcd8-fc67-447d-af38-f03f3b151a77&ttd_puid=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
date
Thu, 09 Nov 2023 16:41:40 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 032F
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2028C0E945-35F4-407E-84C4-B03C0320B0C6&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame 032F
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 032F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUymJQU746oAD7lmsrnmfA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
date
Thu, 09 Nov 2023 16:41:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 032F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
42 B
116 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 Nov 2023 16:41:40 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 032F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
SPug
image4.pubmatic.com/AdServer/ Frame 032F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MDizzlRE2uUP88O7.iodkivlmdkfdxQ-~A&gdpr=0
date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
28C0E945-35F4-407E-84C4-B03C0320B0C6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 032F
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/28C0E945-35F4-407E-84C4-B03C0320B0C6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:c4e3:8320:b906:8d19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
container.html
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ECD1
6 KB
3 KB
Document
General
Full URL
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
Fri, 08 Nov 2024 16:41:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/bw-v4/
0
501 B
Image
General
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNArreBYUY-aYTA-PTeK-wyyA-yBrTPUBBAPPYRqxeNco_YPPaBTAMBMB_MRwNhxwdqzoeRhNAGTTTRlmNKYMbaARdzNwqfftkRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaI2je1L92xMsAdqRllmiFJQUnFA%2FqDSObAOcETPNyQswtL8OPHUPhMMTzqmRdX%2FzqPnpEd%2Bcgrs2qpmeQaHXqbBjKkv7u08uty4Cmn49jw2dvoF3KsSgn%2B6ZKl5j19mvt21HKEFqNpwcaDbJ3%2FC5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378127ecc1711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699548099804&timeout=f&logid=0.8510648130078697&timediff=42&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache
quantumsyndication.com/ Frame 9840
2 KB
983 B
XHR
General
Full URL
https://quantumsyndication.com/cache?uuid=9a614105-f5aa-4a58-a5e2-2d60f10b0d29
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decdfcecd30a92a186ef7c5701587da8cf3bf4764de4beea552f9d721ae73e50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN3Cu%2F%2BaOChIKua%2BAZ%2Fiej2JgD7mF56Zi9ckDOiR0NvMHYFlUGK3h0vGjoRaJh3JvvC%2FMchp0mFazFUhQPLkyjuiqeo9nV8zucoilL37DeurBggXy9UlajewvgYuSJzfO7wgXdLieh5kb2AcSkFjhu3fjbg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://imasdk.googleapis.com
content-type
application/xml
access-control-allow-credentials
true
cf-ray
823781299c3f54a3-YYZ
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 0488
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
9273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 14:07:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 116A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
30867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 08:07:12 GMT
etag
48472445140208031
expires
Fri, 10 Nov 2023 08:07:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 0488
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
8627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 14:17:53 GMT
l
www.google.com/ads/measurement/ Frame 0488
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrS1Iw8bGtmqdyqb7qR9IhqtWLX42_-noDvbzOgJBdqLXW-R-xRfrTET2nPYGVgXAgzKFXeW0-EcLTsYgx8fx4ntl1ew
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0488
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
181916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Nov 2024 14:09:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0488
190 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:40 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ECD1
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
181916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Nov 2024 14:09:44 GMT
creative.js
cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/ Frame ECD1
27 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
content-encoding
br
age
33165
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9566
x-served-by
cache-fra-etou8220114-FRA, cache-yyz4573-YYZ
x-jsd-version-type
branch
etag
W/"6ae6-HipPh6snRMhowanEoWkzrzhb7Sg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECD1
190 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:40 GMT
ecm3
s.amazon-adsystem.com/ Frame 33B9
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=HoNphPZHfo40qwB1T-6mCZeS&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GTNHFW6HNY04XQ64QPE6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 33B9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D659807...
  • https://ce.lijit.com/merge?pid=16&3pid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 33B9
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HoNphPZHfo40qwB1T-6mCZeS&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:dc7914dfee66b4b74964e8031de2b30d
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:dc7914dfee66b4b74964e8031de2b30d
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
server
Aorta/20231107.3310b94bd
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:dc7914dfee66b4b74964e8031de2b30d
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
a50423df4116
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 33B9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=b8hXQzY7XWqJ&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=b8hXQzY7XWqJ&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=b8hXQzY7XWqJ&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1
77781087eb9a0621642f9ebec6beb8d1.gif
cs.krushmedia.com/ Frame 33B9
0
0

merge
ce.lijit.com/ Frame 33B9
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1699548099861&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=D49FE6139CB34124B84DD67D7B3FB79B
43 B
868 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=D49FE6139CB34124B84DD67D7B3FB79B
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=D49FE6139CB34124B84DD67D7B3FB79B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 Nov 2023 16:41:39 GMT
dpixel
cms.quantserve.com/ Frame 116A
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIyDFBIDHVri4Ur_JKdex70&google_cver=1&google_push=AXcoOmSM06R0ToV60UAWGPFIscyiHn73LO5j4VbTH0_qeAYG8s7bBILSNKYUQY5TLykH4N66W83uxuM1wRlfZn4hdesc7fSQBzRJLQ
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 116A
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzkyM2I3YzEtNWY0Yy00MDg3LWI4NjAtYjZmMjQyYjQyMTdk&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=1&google_push=AXcoOmRQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzkyM2I3YzEtNWY0Yy00MDg3LWI4NjAtYjZmMjQyYjQyMTdk&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=1&google_push=AXcoOmRQ3oDgGlgXiNI9Z5jg1fiQII34Cc3L9NzKaFVwuR3QSIyqkQsRBJ94_dG5J26SMxV3FTZfjr6Xrj03uNt4iI7_EHnXGe4D
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzkyM2I3YzEtNWY0Yy00MDg3LWI4NjAtYjZmMjQyYjQyMTdk&google_gid=CAESEB08jpFQrd6t-CBJZ5C3ajc&google_cver=1&google_push=AXcoOmRQ3oDgGlgXiNI9Z5jg1fiQII34Cc3L9NzKaFVwuR3QSIyqkQsRBJ94_dG5J26SMxV3FTZfjr6Xrj03uNt4iI7_EHnXGe4D
date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 116A
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTPELWEioHsSKHyNA03L7oe2FmqCVn3K-U3dEBeph0I2dzu8EoOq5yjkV4hto6gHJqWET7VtG2bMGtin-VJHdlOWYjExeRxgA&google_gid=CAESECCTLLJejx4QRn483oFmbtA&google_cver=1
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
395084
expires
Thu, 09 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 116A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBaGyIodTx6fqNpGL-PT6kI&google_cver=1&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERc...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBaGyIodTx6fqNpGL-PT6kI&google_cver=1&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0t...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxOTE2MDc1NDc1NzU0Mzcw&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxOTE2MDc1NDc1NzU0Mzcw&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERcjbLlhI6SvCW1lseLmo9b
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxOTE2MDc1NDc1NzU0Mzcw&google_push=AXcoOmSNTPn7U67rth8mA_GU7hBERjM4oCDnHHB-ggYapaa1XzIGJ8A1iJq-Z11x-VKykCoyZ0tfQERcjbLlhI6SvCW1lseLmo9b
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 116A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEArgLqv-kq0ZFBMyZOjxYpI&google_cver=1&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAE...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAEGq_1MwAqtQRR2aXGQ&google_hm=aTJiTURDT3pIQndIc2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAEGq_1MwAqtQRR2aXGQ&google_hm=aTJiTURDT3pIQndIc2JWWS1hTy0=
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRokUrOPSJKDXsmsw1r7-feQRvtNHhjXlNarcrdEgYwNbxR7qmxSCZgqizRDuf1mZEb9vqEljWsNbfAEGq_1MwAqtQRR2aXGQ&google_hm=aTJiTURDT3pIQndIc2JWWS1hTy0=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 116A
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEGVaBijW0Lxq00i8I7TX4v4&google_cver=1&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLId...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLIdkD_-iYt3c2y6OqR3xjgfg28PomeZoNdnHY-FpM4xxyh_2U&google_hm=QlMuZWVlYy00NTh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLIdkD_-iYt3c2y6OqR3xjgfg28PomeZoNdnHY-FpM4xxyh_2U&google_hm=QlMuZWVlYy00NThjLTRkY2MtODhlNA==
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSUJHTmKhweRUGE7rIF5tX1DQ32-IQm7SBmqRLnGjUJjNVJXrLIdkD_-iYt3c2y6OqR3xjgfg28PomeZoNdnHY-FpM4xxyh_2U&google_hm=QlMuZWVlYy00NThjLTRkY2MtODhlNA==
Date
Thu, 09 Nov 2023 16:41:40 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 116A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECcUKvk_WtO9ejRemn59uzY&google_cver=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DF...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECcUKvk_WtO9ejRemn59uzY&google_cver=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8Qxw...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=04mkayDBSOug2ITglutl-w==&no_redirect=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51t...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=04mkayDBSOug2ITglutl-w==&no_redirect=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DFjoERN-j6u4OvEqB7c7Nnp2if2-Q
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=04mkayDBSOug2ITglutl-w==&no_redirect=1&google_push=AXcoOmSGUwl1IY2iIJwAvNyF5ocEycvzsyodD8XS6UtHDchiUhO51txNik23zCZlAe8QxwlkN-DFjoERN-j6u4OvEqB7c7Nnp2if2-Q
date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 116A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnesQSFxML2BPiHzE1PgNchTFO0m6DpKbtTsMAoice5Ly_AYjcy9OUhWhrnZTHAmO3K7Kr4ZY
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
container.html
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3418
6 KB
3 KB
Document
General
Full URL
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:39 GMT
expires
Fri, 08 Nov 2024 16:41:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 9840
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lorf22lr&c=5015548753147&slotId=2507774376573.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802172%2C44802463&fas=1&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.7324067276222013&time=1699548100252&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699548100256&timeout=f&logid=0.7324067276222013&timediff=4&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
win
rtb-useast.rtbserve.io/ Frame 9840
3 KB
3 KB
XHR
General
Full URL
https://rtb-useast.rtbserve.io/win?i=70atgBUHD3M_0&p=1699548098.184388&f=nurlnw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
46953a7dde3d51f0c0ef4e8288d0b577a3ce63dc155808ce9291f2157fe5f725

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:40 GMT
Server
nginx
Age
0
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3084
css2
fonts.googleapis.com/ Frame 3418
4 KB
768 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:57:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Nov 2023 16:41:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CFD4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
9273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 14:07:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5BF5
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
30868
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 08:07:12 GMT
etag
48472445140208031
expires
Fri, 10 Nov 2023 08:07:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CFD4
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
8627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 14:17:53 GMT
l
www.google.com/ads/measurement/ Frame CFD4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8CSNuzk-ddJ6GxmFQHlbcA_raf6kNtA304n7NFNRwRIDUeslQ9gUdm2tFGfxdpfJxfAKue37G3gRRoUVAeUKnAIK_6g
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CFD4
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
181916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Nov 2024 14:09:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFD4
190 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 3418
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
7807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
17726888854999048520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 14:31:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ECD1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvquy1eHsu2SGCYtzx2rMBslRRAbYA1yNemw5vX_8Xme2B5z1Elo1R6lWllaN_BaaknlrIiTwvAld6FrF060lpuSqOwu9UgpJ7s2ZS70fglBL9y1FjniVAPYw8CYIRW59U7tJSzs3goqGL2pe4MsFNN0LhTa7ubT2ISHo4sNAmiluX-AWss9GZRPymiMGWpfHL2SaakOd009Ajf1CPtukRecoNyPoDn-YxQ7Mr7fQw13xhRq4J7ipSJYZDFdE4Dzwm1ie7lie_YVDIc0N-66B0wt7Rgo3f7oj76LIo8Y4Y7ozGyehFvH45Z4VgI5BKFgkmvE44OXsT-qBHf3QvEAYFe5uvp5mChqxpHT0sq6X5jAlRha1NBOCMADzbN6qNPi0L2kwOB&sai=AMfl-YSxB91W9oU5j1g_LxepqLWytsGvGcWI2Q_ahHoB8zdd6G2YfcRMCNJQQUK-yX4OHIBc2JHP3s4FJVEqrCtzf1PGM0TC1SyaJ45KRRocC7HrObqeNvdMt9Tpa0oKZ5E&sig=Cg0ArKJSzMeU-oR_Bz9QEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 681E
663 B
254 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5D98
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:40 GMT
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 5D98
0
500 B
Image
General
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAweZKryq-tywZ-PqZT-qArA-rqMywMYTwKBqRqxeNco_YPPaBTAMBMB_MRwNhxwdqzoeRhNAGTTTRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHdolXpKZjqwx4qQH3BIEsmYJB0OWD%2Fvq0U%2B2rKh%2FNSvj5J%2BJgU6JHCvDdPtZ9L0F5WMrHhtjjekTMbHmTzV5hJ91zmvyTtq5Lh1YUcKah2qAsyu6WzTlvkBrFtD2KlA1XGNRFTluqX8OQLeDTZ1TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237812c4dff711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D98
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZrutq9JQdw6D_GO0gcM-rOlJLUVS44AFiJFeTJNjunUYuplJoXYYF8MLMa_ic6JIMzBqe5XGlLzbXz8rogcnIc6YxWhFLsB22QJGZBKyQONO8MtY
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D98
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13795544824782940663&x=6&ct=76
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/pubpower-platform/prebid-creative-pubpower@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0488
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c4c5df468d2efd2d4fba25d35569e9ecc1bd620fdfe8038f3b28a5935efa46

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 9840
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lorf22zf&c=5015548753147&slotId=2507774376573.5&nlc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.5690561349429102&time=1699548100627&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 681E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENCb56pgQwZP4GpzQfxb6Ik&google_cver=1
43 B
536 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENCb56pgQwZP4GpzQfxb6Ik&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENCb56pgQwZP4GpzQfxb6Ik&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 681E
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=cjVVb2FyNktza0E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=cjVVb2FyNktza0E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=cjVVb2FyNktza0E
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 681E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&C=1
43 B
567 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BV6%2FZJy5iXAbb9uizTx%2BNt7fe0GRzcdf5be8jdIZYmShWXh6xlmWTVtFkPBvaNA4Cic%2F%2BJ5r%2Fg8%2FNoUINk7C3oP%2Bkj4DSwTHMoTzHmb14XRoplMeMphArRI%2FbUHRpK033TZhqq3Ga3dbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237812f4c2e5431-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glnl7%2B%2FsFgUAsHIP9tzpkwzptDqvzj4X4J6z9tHPLiI5EOffBmcJnoqLB3ra%2BVMpOvRTviDF2F0Javdop7ip3aOzRezWuu6yBMJbW1PJNLv8eXgQmYbmrefl7fzCRsRu5J0wizdgu8IHIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&C=1
cache-control
no-cache
cf-ray
8237812e8b205431-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 681E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU0LxIQ.p-0qjlW3xTznXgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&google_hm=2
43 B
770 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y-pCr7gEwAQ&v=APEucNVfisGzTmuFbl-yl6w9se9ANdIdTPd36XUZL_W5N2AenBS5yS1Bh2BypNJJCUfodZhUjER790I29qT5LMlqlaGVgoXngw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqMzRpeAVKKcNCUebVegoJLbeT%2FDnyWOCxrL7hMH2CrU9srQg2Z1sbDO%2FR4TTdUl%2FcelbJl3%2Br9tzQSu8hFTBNerkIQ1FmfTV%2F67aVGiGBGLl03Mz5puFPJcQ66BVBEf5mztej7wnm14Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82378130a93b36d4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhKE_sJklb4ohYrd_VWDxU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 12AB
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55859
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:40 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=c4df7e7f-62c6-4761-bf16-33e03eb65218
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=c4df7e7f-62c6-4761-bf16-33e03eb65218
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=c4df7e7f-62c6-4761-bf16-33e03eb65218
access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:41:41 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D98
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8794491231109&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D98
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8794491231109&version=m202309260101&ct=76&x=6&cor=13795544824782940000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5D98
98 KB
40 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHUFp7coG70mDT1AEwYSsZcUa8PzVrq_A9LyWCd_HiJIJbRaDgmAaW67pGYhwkdtq257vhei-jxVFRX70l0m4qdvWv6LCnwrcjgV1xW_a3u4qk6bdKTzX_l2mM1WrE_tzEXl4DRCI2__jQOFYcrhvbKbNZZfDnWPSSYpZkEue6WeTcfL8&dbm_d=AKAmf-AxBqONFL6_zpw3gAiDmr1S5aEZ58xBkei4oMZ9oR9rgvHp3oWdPVZThXstxV_Oocv_XPiE0b--O2KlfPr-y2Tyq7WCk904Zpz1yZPJo5Aw-R9wAU4E9IOBfhawdNzr6__r8C6wdMR6deOomVVqPQSc2PMENWN0wyUoFSk8QIcrHMqAyDCYcfJQCb-8pjlaIr6lVE1rOiV-Pt-wtXaSGkos_VDIIXVKab8WRi7PRB0sQepk3LPAyiXCi4rCvgbLP3kachiTLFQ2ai-6TTDkmR1vKues5-l5pIh7V-xOVRk4-g1yB1_XyIcYF53TO8Y5wXPniXbwXr8ruHspWKp7QybSdFddthE-vIx54xr3775QSv6tcCjRNruZB-iQABsCeawdEv32cN12NQiVQ0qIaQy8-DBgEwb4vi3bZ-xi1R7ERPg6-7wDfj7PWY0o1k6lsafIN9Ll1iJ1Rel1T-fIWnWFdX5XURqCMMQ6lopsuibgEgR0ePRgmZgJ_IInvLGq4jMZXhW713eGIdk96S9XoX8-l5Vw_EGnHskOEXRKLIwEDdUUhEQ2S_DS6_GZtZGPbgDvxYW-IGRWU_BgcsCVtzI-SsP9Q7pz6uPLe5FBPg6wmYtaE--lArnG0jVVd3tApnK4F1UDSsPZp0RbBsd__OAWHQ06KT3kYPFbWn0q4aDJTUIklr19uaFvAl5NQMmafOWtU-Rk5OUk8O-6q6r-vqBM8cQLd0WmkuHCSYnx-2BkNGNUPbu486DVn_Fg3seYHLbLsvp39ZAZ40-WZ9pkkcgwY7rozwh3-w-qQ93nk1guXcZK2IBYDh6d8jzdYN8rDfY5TFI1HaP-gqQ_iZXXlvny_CM7uVpRt1OphfiwkeUdUsyK4-sricNysqVbYqG9BcCzy1RHPP5lHymuEModO2N8C_0fCs_38P_y5SzD5zMuEGM6R5CymE7ytvGid3H-YTC1zR-RUsiOM6Z2nJcOkxQVDCkxyplsrgaRw0cNFRHveP4H_4x0QhugfUjW7FP5AcMBqCIGrk7GjDyS21a3Ag53lq3fQHAVCWvF0hNqfOBPw4IcuvbJOdO7WiUQOVaWbCypIMvyFlrQez7crcfOULiyZ5rm0-ki5hRFEPyruQ87IK3oGS58fUrUOI3zwsQCz-SY27JETGgyovs8yrfk6HH9b_qI1clouG5YT07LXI7r9mLKNkNKlO5lrJbTbElHflhQ9C-7EOdvFpcol518RCp5w7hbACFllgrh8XfkI_i_A0pBYEjeDMGZLHymmAJu3FRKinc1pxBiDm7S72fvwoDxCeka_fF3AzIH_f7GliJWU6lQHbdaUrUajs75ISdKCq-PcuGaSMz9w-kklML2mkte3lLXe8OIXfdT_biwB2IziwMmhyqH4a5FJqDVOamZttRXODqEQ84nq2vp223egBxTgLQzKJ0tXVXGhtm4l6UHs8uZSTnx-a5u3jBwMadpNQSGqGNBL0sWI_3rHHmu-98qcCx6vyb2YfFM7VHPGkYnh9uYwlMxSdISh8otBmJVHFr4R4neTiP6L3oWshlufFUlrZTH1v08gj4xRscVp0fcOux5ey2bx6LAFO4gVk8zw4uVumN9JyGIk-3_452KyQfe0UEWzbkC5FiOD8UKDARwsnHMDZYNyq3DZcz72mBIV9rDPVDvwftw6-92wJUv3PmpOi8A0lSpCPq5a_uUhkmmYRjfVzrlpdrnDxUQe8X-OxPj781uvdUDfOoybLTgnPKm1OQo5kDCFstMMzxa4F4BVZm0JS1rIAahmt887ckydtf2mv82Ew6-bnaWsf13wJTlyHRc7ei_sAZwwxcSEehC4cO2heiHM4QHASt2Zlsb9jSyV3oZONnpj9XTwkrfUCI0argCxD_PjE0WNB2Z6KDt2tKQzlklFxqPVUzv68GVCXLTvRrKWEj2ula14ZlWDBrzFSJRQa0ohUum4uhax6ZtWuN30UFf69puaFQ6AIFPOGsNc_HkFFOZLBsrweo4VOG6DP2LkPFUfY12uqVKGT6PIQjp1GNHY8WnYVqmBie31NVWUhxrBNKoHdO_l0ZO0e8n0iOkerX8LsZsHro619j_1BEUc6SKmqE-boUHuvYU3wwe4-Ir1453f55fcsqgQx0WIWwPD17evcW9IPnBNX2j8nLu9sin3RTFtf4mjQpFsWuQbelYPhJqI1MolGav-YZEwtaUnkMxKS-_PYI4wy_BxcPphC3VqpGQqZEr1edkla6NAXTx1pEmjM8cwemUiGLk2r28BccuRsMQD6t6KEEmC913PCqaQnciQ_08cpEOT6SWgIDdTbWJ01yOtNQ5gNNbrXYDTkdnOzxR1zQuo7d66d45DubDBQU0ddSw8aLaRMq4DNkibn0P47K6FgXcpVBTTlnWEkP5VMyOe76lRofqfFWZJkxWtOixoetaUZHPRCi4yebE-ZQJ67GA_5vQ0f9zXpQDaBUVUdef5245O1TDCKBORtQbWda1AriOqbhxU5-g2JCoEbiUtrZF8dZdnE3AzzfZe6s3oacAilLesC3Bxz85cOsb6xuU9ekg4Eb2QvNchZ8pZhvbOyAOdvyOSW19lBNTb-oYD1lntOc2T_xGGhhqgpXPdbO2FW3UANrqJyw0lE6Ujh3e11TIx429cJ9oqFBS9FX8we6o9iD5hvUSlmKnnLviU75BX65vu5v-CdEOPnJaNJHZ_d3Fay83atYyGGJMnS6q6VVgkeVBR4O42Obq0C5AH0TVhaunc7K6399RhUtvxvwoDS6Fm9rcLhjJCND8MB7Go5uMakPTS1nOLBezGCOpIG45lojMGaa3dTlBJ2FY0nkxdH3iq1J1Cj5Z1DMwMtkXfTQblgOZerb4JvdrQ-mAu_Gu3uvmhK2VNvN2dvYEjKeEaVc6e6PzSEZBhWFstK-vTKAE82FV5DPhCmcwcPPL6ocW39Nhz4cFCv36lumDrs1Yiyn5N-ZtOU4XapByr9w1SBJAGmiW1Pc-w7oNGj1W5WmDi9abh3dEjs5PTmTJbUHhCnOHwI0TAJqmSGZ77DTr43AlFoltQxc4aJzpAYS6Xm87Pka8yhn0Zj1wTOHM6V5q0tcOvTQji_mhzDAgqnddhFMpb1o3L_4evhtiSOfH91h3jSaCNSiE0R8WUYE547N6idfGq6KmbQUX77MXlWELI-93Ah0BfrpEUH70LdT0G95cGL9Hgv5ejIrWmBg9Xr8GZmTxR7Na3JQB0DjTQ2dAb-KTk7JwPN4y1bvtgVj2W-g9cBXPodFoDL4sinPGdMheJCxSSLvYq1_SDP9WocXfev3cE-oDHm6DTHPrXEZFUXwlwq60UrAe519APCcM5eX8Mg2HSaI4Nd3XDbV6pKwr3DkPKesSukBkf_YcDC-IsH5KUXZft3ht-yabAyvkGBCfVHWwxup-uvbYn5uvO_r_7TOZuJ35dKB4d5TDBBu8jFdxZ5YUst-MzDJMRLkG-RPsIyABy_RBbBEBx2BJhfxiPDHBRJq6G7_bXwGfuMdjfheGUP3ao9Cq00WtIdqwoRx7MsXq2vXwANhOyhLkWEQ7WG1_5jRk-LhYgzS_kEMEC8VG75il7uvazg6g0yCq&pr=6%3A0.150000&cid=CAQSMgDICaaNNMrJTy_ipJ3Gji9OyaPvDu9O8qI4yt-UzGUW03UGyqF5EKKwqbBNhsoyLU3PGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzk0MCZzaXRlSWQ9MTA1OTg3OCZhZElkPTUwOTEyNTgma2Fkc2l6ZWlkPTcmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD05MTU4MjY3MjQxODM5OTg5NzQmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RUEwMTgwNEYtNkMyQy00QTJCLUI4MDYtQjdGRUY0RDNGOEQwJnBhc3NiYWNrPTA%3D_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsecurityaffairs.com%2F&ds=l&xdt=1&iif=1&cor=13795544824782940000&adk=2704835898&idt=101&cac=0&dtd=57
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
342ae8a889cbe13cded2bda31d216e6d0dcdf6ca24ba61ad2336163a12514389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40761
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEFkB9AF-w-SkQYGVfoD9Rws&google_cver=1&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR&google_cver=1&g...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR&google_cver=1&google_gid=CAESEFkB9AF-w-SkQYGVfoD9Rws&google_hm=UTc1MjgzNDUwMTIwNzY0NzA0MjM=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 09 Nov 2023 16:41:41 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR6aQXWgyInDIyHaY0ag_t5w30FMxGtQJlcWV1qiPjOcOhD0Xm25y6U8xYdoxgiQzGaH0BjpKiULYB60l7NEeOdJHAkFjzwWQZR&google_cver=1&google_gid=CAESEFkB9AF-w-SkQYGVfoD9Rws&google_hm=UTc1MjgzNDUwMTIwNzY0NzA0MjM=
Content-Type
text/html
Cache-Control
max-age=55324
Connection
keep-alive
Content-Length
154
r.gif
sync.extend.tv/ Frame 5BF5
0
0

pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIG6vBjByyHT3sFWPsHHsCI&google_cver=1&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraF...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraFJT04GtPo&google_hm=eS1kWS5hTTFoRTJwSC5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraFJT04GtPo&google_hm=eS1kWS5hTTFoRTJwSC5ITUtlNVlMOThnYU5veTZmUm1kNX5B
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD66dUOcPJj_NtwjXRDBkdMo7pGHlVj4Yxy7zJniaLykBgFfu14ovAoJ-sj7ums8YztNDy_Srf7pQTTCAuvL0jraFJT04GtPo&google_hm=eS1kWS5hTTFoRTJwSC5ITUtlNVlMOThnYU5veTZmUm1kNX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEIxK8aayMDAmr26zHOvhqjw&google_cver=1&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYNb...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYNbesYaw-7QrWRlgmqE
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&google_push=AXcoOmTH2AZ_sN0a5Rzmq2CmQHWK-XvN57x9I7RAQ1Qu6geeNySgvRcCSh_YWa6y-cnkOF9PGkx03Mh9X3ZfYNbesYaw-7QrWRlgmqE
Date
Thu, 09 Nov 2023 16:41:41 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHoM2k5grpXT2qr7F7HXHIY&google_cver=1&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8W...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8WgHV0ULJ1XgA&google_hm=MjYyM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8WgHV0ULJ1XgA&google_hm=MjYyMzAyMDgyMDk3NTI3MTc1OA==
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTgIYBILesmvxZCZZb_05DUL5G50b1uLuTXZ_OdAoK7rDED6fr6D_vdptTlDDdBl6kkdop-uQS9MiSTztLfO6-FY8WgHV0ULJ1XgA&google_hm=MjYyMzAyMDgyMDk3NTI3MTc1OA==
Date
Thu, 09 Nov 2023 16:41:41 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELUsumNh8sslb66OeTGfStk&google_cver=1&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1s4KcuypalL_HG1ww71qXKhVwXFM0r5EpyeN0ZXGg&google_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1s4KcuypalL_HG1ww71qXKhVwXFM0r5EpyeN0ZXGg&google_hm=jRfd_2NdRe6mfsUlqjoiA7Y
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ24XMfC7hWddmt-rYi9pUYezH35Piud8pB1JbESt1TzsKe0PA9yfCgxJSlS1s4KcuypalL_HG1ww71qXKhVwXFM0r5EpyeN0ZXGg&google_hm=jRfd_2NdRe6mfsUlqjoiA7Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BF5
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEGplCXgBBnD-wkucJprP1ak&google_cver=1&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-PQAFP5_YA&google_hm=4df39c49...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-PQAFP5_YA&google_hm=4df39c491145063d28hxwf00lorf22bg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS25Cz15yetdDLs7BjKqud3JkUPOhaOfJAc5ZL0gkQ3GBk5rK4NeKZVun5h86mghyMfRFcLw9u-BWP7R30emUufNREZ-PQAFP5_YA&google_hm=4df39c491145063d28hxwf00lorf22bg
date
Thu, 09 Nov 2023 16:41:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 5BF5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kx1fl5WlT0Ul63TVqOHbrMzwrzX9EEbLAQqi668L4RjRbNIV7bSZf4HEQ4PwNvlHWevmlPWk9x
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699548100841&timeout=f&logid=0.5690561349429102&timediff=214&lid=43&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 9840
1 KB
599 B
XHR
General
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F22876227373%2FValue_oRTB_VAST%26description_url%3D%7Bdomain%7D%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C250x300%257C300x250%257C300x600%257C320x480%257C400x300%257C480x320%257C600x300%257C600x600%257C640x360%257C640x480%257C720x1280%257C720x1560%257C720x1600%257C729x1280%257C768x1024%257C960x540%257C970x250%257C1024x768%257C1080x1080%257C1080x2220%257C1200x628%257C1280x720%257C1920x800%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26vad_type%3Dlinear%26url%3D%7Bdomain%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a919afbda7418ab769dda61db145f212a10da1e93c74270349e1df910734b322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
577
x-xss-protection
0
truncated
/ Frame ECD1
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4280619cb5108d780ea03968dfac3e1936c51ea7622bb3195b0b74b4a00924

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 0488
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CId20wwtNZaTzB9KWxtYPi-KWmAzSkbaNbbnQrsqWD8CNtwEQASAAYH2CARdjYS1wdWItMzc4NDc3OTQzMjE3MjMzOMgBCeACAKgDAcgDAqoE2gJP0PJUgj4iRe4lkibk4dhdkk5WVdiIcpLK9PBrrtJLHEZD5HqjmBNne-ut9n3aQTBjwQLprp4C7g5L90NO_6PTpBa-CywMVQyPEHPbW5gDUyrZHyXLaA9BoVIeqR5Jj0x0YeV-qL91yjcysePr5zTjHW0J8lElst4CYzM1wax0knKsKQVt4rctkZdge27pYUd7rAGuxiTcyuH7Fa6dF5GgNpKkqPnxnRZOJ6FQbvrcdLaDN7EV780TIaaU3yi_yXonx78kCrM_1qN4we9BQeqV3w9DsdryLOMEfXuHsOA0vDe9TpKGQI1UxQrrHgxINs7cCzdCdWWFSlbQeAlNRLvcQIHYovjyIKwOXLvLf0Fy2qzn5xoZ_TxssoaLDn2rvnyXf7DMxyuN6egMNoXlCKbs5Xw7g-val0BaOHoj98XN__7zpEqyXLbhF1jvemulZJuDtz_p1LCFHLxt4AQBgAamrpHwlezpwV6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTM3ODQ3Nzk0MzIxNzIzMzgYrpiBAQ&sigh=7eOFYU3B_Gc&uach_m=[UACH]&cid=CAQSOwDICaaNoT_SY43iV2fRHQxKlhkCxEZFHr000kBgpiFKknhnAvOdBvMWPnIUJHpHJ3sXK9wmWok9LLBVGAE&cbvp=2&vis=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

rtimp
g.bidbrain.app/ Frame 0488
0
381 B
Image
General
Full URL
https://g.bidbrain.app/rtimp?sid=dad42bb6-7f1e-11ee-9c15-2af1d1c20283&d=securityaffairs.com&cr=ext_ng_start_fires6&gid=CAESEKMZTm5IPlJPGq53bEu2bE4&a=imp&p=ZU0LwwAB-aQE0YtSAAWxC8H1SdPDnmHeFc9OmQ&im=JPHYm-suP7faAaEE2FASq435v9YRgT3xZKC83kOnQnilgDLxcjYGj7lP4K6ZtxD9CJ3KaLm9V3ZTt8XM9zqyruurqEmittSpj0Q___royG2WsU7ZdmAEo6oOzXYUA-wcDdOj9eUlb-YRr8LPqx2Frw_2QW0EVDhke5YflU6HBVdsbJkdZKTvMnSyQ-oBxHRlLHxnbFkamW1HDxD5u0woNLrrnl7fqi_toR6t6YQuy2lfu5k-SMcsJms8zAC3eEShPcc8VLMp5oFGaYVpqRpWyMl5FxGM-0GjG9LhlwKHqkGwsQER3Co0yjZZ11p2N4ouGstZcLJIFEKOGAsVJiMr0NzpFh0mF8L5wjCauYKXK_Y&cbvp=2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 0488
159 KB
160 KB
Font
General
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPr-m2B0vns_8naJusBmqhoBbwXP1haG6a3bFL3UMkMoWwnKLF1tfPyXIWx_B9uEQFDvJYp-ImDYD7SUsWnbQrto5Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODPnL4LTrA2naaF4xTbH5HJ2qSvWa3L8EdCZBJS3QIwbbbvBGER9iqVjxz%2FuMhxf6p%2FsyHB85BWrOrZEP0dytTTFO3Ns0iQpxybFogN27%2BVc3%2FtPEHhen%2Bq2rF18OBOqUYtgd5H4r3sQSZeGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
8237812feafd38e3-YYZ
expires
Thu, 09 Nov 2023 17:16:16 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 0488
159 KB
159 KB
Font
General
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPrJ7aeFaLVX0NfZzX166mzmDXVCRDLZ6EV5DcUxPlpfArHg0F7XQuZOVL6N4ov8uDvQity5dVhUgDO0RfCYE6IrJQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOoLogkQCEgI9UKHwSuk1opHKjDBbQCUJD9DP9tzjS0ON39w3KkNjmJKgdnZXvx%2F2FQdZw944PFiKGoFw3W%2FF2m37zb%2Bm0UIvFAj9v4CW34%2BxdkM2UxQ5vEkrxiyk1a6jzHkcs0DG%2BUX4k8Xew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
8237812feb0038e3-YYZ
expires
Thu, 09 Nov 2023 17:28:11 GMT
rtimp
g.bidbrain.app/ Frame 0488
0
379 B
Ping
General
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
csi
csi.gstatic.com/ Frame 9840
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lorf239t&c=5015548753147&slotId=2507774376573.5&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5D98
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 17:29:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 5D98
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHUFp7coG70mDT1AEwYSsZcUa8PzVrq_A9LyWCd_HiJIJbRaDgmAaW67pGYhwkdtq257vhei-jxVFRX70l0m4qdvWv6LCnwrcjgV1xW_a3u4qk6bdKTzX_l2mM1WrE_tzEXl4DRCI2__jQOFYcrhvbKbNZZfDnWPSSYpZkEue6WeTcfL8&dbm_d=AKAmf-AxBqONFL6_zpw3gAiDmr1S5aEZ58xBkei4oMZ9oR9rgvHp3oWdPVZThXstxV_Oocv_XPiE0b--O2KlfPr-y2Tyq7WCk904Zpz1yZPJo5Aw-R9wAU4E9IOBfhawdNzr6__r8C6wdMR6deOomVVqPQSc2PMENWN0wyUoFSk8QIcrHMqAyDCYcfJQCb-8pjlaIr6lVE1rOiV-Pt-wtXaSGkos_VDIIXVKab8WRi7PRB0sQepk3LPAyiXCi4rCvgbLP3kachiTLFQ2ai-6TTDkmR1vKues5-l5pIh7V-xOVRk4-g1yB1_XyIcYF53TO8Y5wXPniXbwXr8ruHspWKp7QybSdFddthE-vIx54xr3775QSv6tcCjRNruZB-iQABsCeawdEv32cN12NQiVQ0qIaQy8-DBgEwb4vi3bZ-xi1R7ERPg6-7wDfj7PWY0o1k6lsafIN9Ll1iJ1Rel1T-fIWnWFdX5XURqCMMQ6lopsuibgEgR0ePRgmZgJ_IInvLGq4jMZXhW713eGIdk96S9XoX8-l5Vw_EGnHskOEXRKLIwEDdUUhEQ2S_DS6_GZtZGPbgDvxYW-IGRWU_BgcsCVtzI-SsP9Q7pz6uPLe5FBPg6wmYtaE--lArnG0jVVd3tApnK4F1UDSsPZp0RbBsd__OAWHQ06KT3kYPFbWn0q4aDJTUIklr19uaFvAl5NQMmafOWtU-Rk5OUk8O-6q6r-vqBM8cQLd0WmkuHCSYnx-2BkNGNUPbu486DVn_Fg3seYHLbLsvp39ZAZ40-WZ9pkkcgwY7rozwh3-w-qQ93nk1guXcZK2IBYDh6d8jzdYN8rDfY5TFI1HaP-gqQ_iZXXlvny_CM7uVpRt1OphfiwkeUdUsyK4-sricNysqVbYqG9BcCzy1RHPP5lHymuEModO2N8C_0fCs_38P_y5SzD5zMuEGM6R5CymE7ytvGid3H-YTC1zR-RUsiOM6Z2nJcOkxQVDCkxyplsrgaRw0cNFRHveP4H_4x0QhugfUjW7FP5AcMBqCIGrk7GjDyS21a3Ag53lq3fQHAVCWvF0hNqfOBPw4IcuvbJOdO7WiUQOVaWbCypIMvyFlrQez7crcfOULiyZ5rm0-ki5hRFEPyruQ87IK3oGS58fUrUOI3zwsQCz-SY27JETGgyovs8yrfk6HH9b_qI1clouG5YT07LXI7r9mLKNkNKlO5lrJbTbElHflhQ9C-7EOdvFpcol518RCp5w7hbACFllgrh8XfkI_i_A0pBYEjeDMGZLHymmAJu3FRKinc1pxBiDm7S72fvwoDxCeka_fF3AzIH_f7GliJWU6lQHbdaUrUajs75ISdKCq-PcuGaSMz9w-kklML2mkte3lLXe8OIXfdT_biwB2IziwMmhyqH4a5FJqDVOamZttRXODqEQ84nq2vp223egBxTgLQzKJ0tXVXGhtm4l6UHs8uZSTnx-a5u3jBwMadpNQSGqGNBL0sWI_3rHHmu-98qcCx6vyb2YfFM7VHPGkYnh9uYwlMxSdISh8otBmJVHFr4R4neTiP6L3oWshlufFUlrZTH1v08gj4xRscVp0fcOux5ey2bx6LAFO4gVk8zw4uVumN9JyGIk-3_452KyQfe0UEWzbkC5FiOD8UKDARwsnHMDZYNyq3DZcz72mBIV9rDPVDvwftw6-92wJUv3PmpOi8A0lSpCPq5a_uUhkmmYRjfVzrlpdrnDxUQe8X-OxPj781uvdUDfOoybLTgnPKm1OQo5kDCFstMMzxa4F4BVZm0JS1rIAahmt887ckydtf2mv82Ew6-bnaWsf13wJTlyHRc7ei_sAZwwxcSEehC4cO2heiHM4QHASt2Zlsb9jSyV3oZONnpj9XTwkrfUCI0argCxD_PjE0WNB2Z6KDt2tKQzlklFxqPVUzv68GVCXLTvRrKWEj2ula14ZlWDBrzFSJRQa0ohUum4uhax6ZtWuN30UFf69puaFQ6AIFPOGsNc_HkFFOZLBsrweo4VOG6DP2LkPFUfY12uqVKGT6PIQjp1GNHY8WnYVqmBie31NVWUhxrBNKoHdO_l0ZO0e8n0iOkerX8LsZsHro619j_1BEUc6SKmqE-boUHuvYU3wwe4-Ir1453f55fcsqgQx0WIWwPD17evcW9IPnBNX2j8nLu9sin3RTFtf4mjQpFsWuQbelYPhJqI1MolGav-YZEwtaUnkMxKS-_PYI4wy_BxcPphC3VqpGQqZEr1edkla6NAXTx1pEmjM8cwemUiGLk2r28BccuRsMQD6t6KEEmC913PCqaQnciQ_08cpEOT6SWgIDdTbWJ01yOtNQ5gNNbrXYDTkdnOzxR1zQuo7d66d45DubDBQU0ddSw8aLaRMq4DNkibn0P47K6FgXcpVBTTlnWEkP5VMyOe76lRofqfFWZJkxWtOixoetaUZHPRCi4yebE-ZQJ67GA_5vQ0f9zXpQDaBUVUdef5245O1TDCKBORtQbWda1AriOqbhxU5-g2JCoEbiUtrZF8dZdnE3AzzfZe6s3oacAilLesC3Bxz85cOsb6xuU9ekg4Eb2QvNchZ8pZhvbOyAOdvyOSW19lBNTb-oYD1lntOc2T_xGGhhqgpXPdbO2FW3UANrqJyw0lE6Ujh3e11TIx429cJ9oqFBS9FX8we6o9iD5hvUSlmKnnLviU75BX65vu5v-CdEOPnJaNJHZ_d3Fay83atYyGGJMnS6q6VVgkeVBR4O42Obq0C5AH0TVhaunc7K6399RhUtvxvwoDS6Fm9rcLhjJCND8MB7Go5uMakPTS1nOLBezGCOpIG45lojMGaa3dTlBJ2FY0nkxdH3iq1J1Cj5Z1DMwMtkXfTQblgOZerb4JvdrQ-mAu_Gu3uvmhK2VNvN2dvYEjKeEaVc6e6PzSEZBhWFstK-vTKAE82FV5DPhCmcwcPPL6ocW39Nhz4cFCv36lumDrs1Yiyn5N-ZtOU4XapByr9w1SBJAGmiW1Pc-w7oNGj1W5WmDi9abh3dEjs5PTmTJbUHhCnOHwI0TAJqmSGZ77DTr43AlFoltQxc4aJzpAYS6Xm87Pka8yhn0Zj1wTOHM6V5q0tcOvTQji_mhzDAgqnddhFMpb1o3L_4evhtiSOfH91h3jSaCNSiE0R8WUYE547N6idfGq6KmbQUX77MXlWELI-93Ah0BfrpEUH70LdT0G95cGL9Hgv5ejIrWmBg9Xr8GZmTxR7Na3JQB0DjTQ2dAb-KTk7JwPN4y1bvtgVj2W-g9cBXPodFoDL4sinPGdMheJCxSSLvYq1_SDP9WocXfev3cE-oDHm6DTHPrXEZFUXwlwq60UrAe519APCcM5eX8Mg2HSaI4Nd3XDbV6pKwr3DkPKesSukBkf_YcDC-IsH5KUXZft3ht-yabAyvkGBCfVHWwxup-uvbYn5uvO_r_7TOZuJ35dKB4d5TDBBu8jFdxZ5YUst-MzDJMRLkG-RPsIyABy_RBbBEBx2BJhfxiPDHBRJq6G7_bXwGfuMdjfheGUP3ao9Cq00WtIdqwoRx7MsXq2vXwANhOyhLkWEQ7WG1_5jRk-LhYgzS_kEMEC8VG75il7uvazg6g0yCq&pr=6%3A0.150000&cid=CAQSMgDICaaNNMrJTy_ipJ3Gji9OyaPvDu9O8qI4yt-UzGUW03UGyqF5EKKwqbBNhsoyLU3PGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzk0MCZzaXRlSWQ9MTA1OTg3OCZhZElkPTUwOTEyNTgma2Fkc2l6ZWlkPTcmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD05MTU4MjY3MjQxODM5OTg5NzQmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RUEwMTgwNEYtNkMyQy00QTJCLUI4MDYtQjdGRUY0RDNGOEQwJnBhc3NiYWNrPTA%3D_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsecurityaffairs.com%2F&ds=l&xdt=1&iif=1&cor=13795544824782940000&adk=2704835898&idt=101&cac=0&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
27379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 09:05:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 5D98
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHUFp7coG70mDT1AEwYSsZcUa8PzVrq_A9LyWCd_HiJIJbRaDgmAaW67pGYhwkdtq257vhei-jxVFRX70l0m4qdvWv6LCnwrcjgV1xW_a3u4qk6bdKTzX_l2mM1WrE_tzEXl4DRCI2__jQOFYcrhvbKbNZZfDnWPSSYpZkEue6WeTcfL8&dbm_d=AKAmf-AxBqONFL6_zpw3gAiDmr1S5aEZ58xBkei4oMZ9oR9rgvHp3oWdPVZThXstxV_Oocv_XPiE0b--O2KlfPr-y2Tyq7WCk904Zpz1yZPJo5Aw-R9wAU4E9IOBfhawdNzr6__r8C6wdMR6deOomVVqPQSc2PMENWN0wyUoFSk8QIcrHMqAyDCYcfJQCb-8pjlaIr6lVE1rOiV-Pt-wtXaSGkos_VDIIXVKab8WRi7PRB0sQepk3LPAyiXCi4rCvgbLP3kachiTLFQ2ai-6TTDkmR1vKues5-l5pIh7V-xOVRk4-g1yB1_XyIcYF53TO8Y5wXPniXbwXr8ruHspWKp7QybSdFddthE-vIx54xr3775QSv6tcCjRNruZB-iQABsCeawdEv32cN12NQiVQ0qIaQy8-DBgEwb4vi3bZ-xi1R7ERPg6-7wDfj7PWY0o1k6lsafIN9Ll1iJ1Rel1T-fIWnWFdX5XURqCMMQ6lopsuibgEgR0ePRgmZgJ_IInvLGq4jMZXhW713eGIdk96S9XoX8-l5Vw_EGnHskOEXRKLIwEDdUUhEQ2S_DS6_GZtZGPbgDvxYW-IGRWU_BgcsCVtzI-SsP9Q7pz6uPLe5FBPg6wmYtaE--lArnG0jVVd3tApnK4F1UDSsPZp0RbBsd__OAWHQ06KT3kYPFbWn0q4aDJTUIklr19uaFvAl5NQMmafOWtU-Rk5OUk8O-6q6r-vqBM8cQLd0WmkuHCSYnx-2BkNGNUPbu486DVn_Fg3seYHLbLsvp39ZAZ40-WZ9pkkcgwY7rozwh3-w-qQ93nk1guXcZK2IBYDh6d8jzdYN8rDfY5TFI1HaP-gqQ_iZXXlvny_CM7uVpRt1OphfiwkeUdUsyK4-sricNysqVbYqG9BcCzy1RHPP5lHymuEModO2N8C_0fCs_38P_y5SzD5zMuEGM6R5CymE7ytvGid3H-YTC1zR-RUsiOM6Z2nJcOkxQVDCkxyplsrgaRw0cNFRHveP4H_4x0QhugfUjW7FP5AcMBqCIGrk7GjDyS21a3Ag53lq3fQHAVCWvF0hNqfOBPw4IcuvbJOdO7WiUQOVaWbCypIMvyFlrQez7crcfOULiyZ5rm0-ki5hRFEPyruQ87IK3oGS58fUrUOI3zwsQCz-SY27JETGgyovs8yrfk6HH9b_qI1clouG5YT07LXI7r9mLKNkNKlO5lrJbTbElHflhQ9C-7EOdvFpcol518RCp5w7hbACFllgrh8XfkI_i_A0pBYEjeDMGZLHymmAJu3FRKinc1pxBiDm7S72fvwoDxCeka_fF3AzIH_f7GliJWU6lQHbdaUrUajs75ISdKCq-PcuGaSMz9w-kklML2mkte3lLXe8OIXfdT_biwB2IziwMmhyqH4a5FJqDVOamZttRXODqEQ84nq2vp223egBxTgLQzKJ0tXVXGhtm4l6UHs8uZSTnx-a5u3jBwMadpNQSGqGNBL0sWI_3rHHmu-98qcCx6vyb2YfFM7VHPGkYnh9uYwlMxSdISh8otBmJVHFr4R4neTiP6L3oWshlufFUlrZTH1v08gj4xRscVp0fcOux5ey2bx6LAFO4gVk8zw4uVumN9JyGIk-3_452KyQfe0UEWzbkC5FiOD8UKDARwsnHMDZYNyq3DZcz72mBIV9rDPVDvwftw6-92wJUv3PmpOi8A0lSpCPq5a_uUhkmmYRjfVzrlpdrnDxUQe8X-OxPj781uvdUDfOoybLTgnPKm1OQo5kDCFstMMzxa4F4BVZm0JS1rIAahmt887ckydtf2mv82Ew6-bnaWsf13wJTlyHRc7ei_sAZwwxcSEehC4cO2heiHM4QHASt2Zlsb9jSyV3oZONnpj9XTwkrfUCI0argCxD_PjE0WNB2Z6KDt2tKQzlklFxqPVUzv68GVCXLTvRrKWEj2ula14ZlWDBrzFSJRQa0ohUum4uhax6ZtWuN30UFf69puaFQ6AIFPOGsNc_HkFFOZLBsrweo4VOG6DP2LkPFUfY12uqVKGT6PIQjp1GNHY8WnYVqmBie31NVWUhxrBNKoHdO_l0ZO0e8n0iOkerX8LsZsHro619j_1BEUc6SKmqE-boUHuvYU3wwe4-Ir1453f55fcsqgQx0WIWwPD17evcW9IPnBNX2j8nLu9sin3RTFtf4mjQpFsWuQbelYPhJqI1MolGav-YZEwtaUnkMxKS-_PYI4wy_BxcPphC3VqpGQqZEr1edkla6NAXTx1pEmjM8cwemUiGLk2r28BccuRsMQD6t6KEEmC913PCqaQnciQ_08cpEOT6SWgIDdTbWJ01yOtNQ5gNNbrXYDTkdnOzxR1zQuo7d66d45DubDBQU0ddSw8aLaRMq4DNkibn0P47K6FgXcpVBTTlnWEkP5VMyOe76lRofqfFWZJkxWtOixoetaUZHPRCi4yebE-ZQJ67GA_5vQ0f9zXpQDaBUVUdef5245O1TDCKBORtQbWda1AriOqbhxU5-g2JCoEbiUtrZF8dZdnE3AzzfZe6s3oacAilLesC3Bxz85cOsb6xuU9ekg4Eb2QvNchZ8pZhvbOyAOdvyOSW19lBNTb-oYD1lntOc2T_xGGhhqgpXPdbO2FW3UANrqJyw0lE6Ujh3e11TIx429cJ9oqFBS9FX8we6o9iD5hvUSlmKnnLviU75BX65vu5v-CdEOPnJaNJHZ_d3Fay83atYyGGJMnS6q6VVgkeVBR4O42Obq0C5AH0TVhaunc7K6399RhUtvxvwoDS6Fm9rcLhjJCND8MB7Go5uMakPTS1nOLBezGCOpIG45lojMGaa3dTlBJ2FY0nkxdH3iq1J1Cj5Z1DMwMtkXfTQblgOZerb4JvdrQ-mAu_Gu3uvmhK2VNvN2dvYEjKeEaVc6e6PzSEZBhWFstK-vTKAE82FV5DPhCmcwcPPL6ocW39Nhz4cFCv36lumDrs1Yiyn5N-ZtOU4XapByr9w1SBJAGmiW1Pc-w7oNGj1W5WmDi9abh3dEjs5PTmTJbUHhCnOHwI0TAJqmSGZ77DTr43AlFoltQxc4aJzpAYS6Xm87Pka8yhn0Zj1wTOHM6V5q0tcOvTQji_mhzDAgqnddhFMpb1o3L_4evhtiSOfH91h3jSaCNSiE0R8WUYE547N6idfGq6KmbQUX77MXlWELI-93Ah0BfrpEUH70LdT0G95cGL9Hgv5ejIrWmBg9Xr8GZmTxR7Na3JQB0DjTQ2dAb-KTk7JwPN4y1bvtgVj2W-g9cBXPodFoDL4sinPGdMheJCxSSLvYq1_SDP9WocXfev3cE-oDHm6DTHPrXEZFUXwlwq60UrAe519APCcM5eX8Mg2HSaI4Nd3XDbV6pKwr3DkPKesSukBkf_YcDC-IsH5KUXZft3ht-yabAyvkGBCfVHWwxup-uvbYn5uvO_r_7TOZuJ35dKB4d5TDBBu8jFdxZ5YUst-MzDJMRLkG-RPsIyABy_RBbBEBx2BJhfxiPDHBRJq6G7_bXwGfuMdjfheGUP3ao9Cq00WtIdqwoRx7MsXq2vXwANhOyhLkWEQ7WG1_5jRk-LhYgzS_kEMEC8VG75il7uvazg6g0yCq&pr=6%3A0.150000&cid=CAQSMgDICaaNNMrJTy_ipJ3Gji9OyaPvDu9O8qI4yt-UzGUW03UGyqF5EKKwqbBNhsoyLU3PGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzk0MCZzaXRlSWQ9MTA1OTg3OCZhZElkPTUwOTEyNTgma2Fkc2l6ZWlkPTcmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD05MTU4MjY3MjQxODM5OTg5NzQmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RUEwMTgwNEYtNkMyQy00QTJCLUI4MDYtQjdGRUY0RDNGOEQwJnBhc3NiYWNrPTA%3D_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsecurityaffairs.com%2F&ds=l&xdt=1&iif=1&cor=13795544824782940000&adk=2704835898&idt=101&cac=0&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
28146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 08:52:35 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5D98
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
27989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 08:55:12 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A82
39 KB
15 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167045
content-encoding
gzip
content-length
14527
content-type
text/html
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
Sat, 11 Nov 2023 15:05:46 GMT
last-modified
Wed, 06 Sep 2023 06:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame DFEC
0
91 B
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=1059878&adId=5091258&imprId=EA01804F-6C2C-4A2B-B806-B7FEF4D3F8D0&cksum=7F13516B7663CDC9&adType=10&adServerId=243&kefact=0.150000&kaxefact=0.150000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1699548098&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.150000&dcId=2&tldId=0&passback=0&svr=BIDNYC30095TB&adsver=_3141725595&adsabzcid=1&cls=BID&i0=0x2100000000000000&ekefact=wgtNZYSQBwDw_6nIpiFywsWkC_elRYRgk-RQO0GBWZTIAzCV&ekaxefact=wgtNZZaQBwAYkJ1UYUuKwQPnCgHatAOT_Vj0qYvJxaskyHla&ekpbmtpfact=wgtNZaOQBwBoxxocT_okDYryLv7aAHnokmvM8otkC7y-CMgH&enpp=wgtNZbCQBwCiq86sj_XEhMGBJ4iRgJwQJ7iT2HOvhk8_0i5R&pfi=1&domId=8222502327166973060&dc=NYC3&pubBuyId=18157&crID=499828858&lpu=vrbo.com&ucrid=915826724183998974&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1530931&wDspId=80&wbId=2&wrId=2610456&wAdvID=7607&wDspCampId=44285497&isRTB=1&rtbId=BA53D2E0-4AC1-454C-8FA0-1FD74325D264B&ver=11&dateHr=2023110916&usrgen=2&usryob=0&layeringebl=1&oid=EA01804F-6C2C-4A2B-B806-B7FEF4D3F8D0&cntryId=40&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.95 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
0
pragma
no-cache
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame CFD4
159 KB
160 KB
Font
General
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-guploader-uploadid
ABPtcPr-m2B0vns_8naJusBmqhoBbwXP1haG6a3bFL3UMkMoWwnKLF1tfPyXIWx_B9uEQFDvJYp-ImDYD7SUsWnbQrto5Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qww1r2fe7J6Mv9ytOneY%2FTRt7L7C%2FM3GLTO4oObGo3wIKtDfENBErk49Sl9VrfKvSx5MaXhhRkY%2FlSpohsiwMqYC%2BWm%2FhGTrZy%2F16NN3dQD3KSao5sUFhZV69o6eNsBf6FOm1RV9mUEzaJJj5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
8237812feb0338e3-YYZ
expires
Thu, 09 Nov 2023 17:16:16 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame CFD4
159 KB
159 KB
Font
General
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-guploader-uploadid
ABPtcPrJ7aeFaLVX0NfZzX166mzmDXVCRDLZ6EV5DcUxPlpfArHg0F7XQuZOVL6N4ov8uDvQity5dVhUgDO0RfCYE6IrJQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH%2BXo0EbnTSTZpR6d%2FCaPtWHJX9w7uesROronmHOp%2BzXUtfnaEDvNDnE4GiVOULAk6xowVvI9GHGsKr4aHhTfp1Jl2BSBuNks4p89miDv4wdRO0O7eJCjMLJv89BK7xLzdar3RCyFoeRrOXJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
8237812feb0238e3-YYZ
expires
Thu, 09 Nov 2023 17:28:11 GMT
rtimp
g.bidbrain.app/ Frame CFD4
0
381 B
Ping
General
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
cc.jpeg
px.vliplatform.com/iv-v4/
0
504 B
Image
General
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-AweZKryq-tywZ-PqZT-qArA-rqMywMYTwKBqRqxeNco_YPPaBTAMBMB_MRwNhxwdqzoeRlmNKYMbaARdzNwqfftkRrdzNRmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3699zZZp7esvS3U7GAIbqn4ENZhoTT7kW5JyTUvZMd%2BCNX%2By7qP4WE2%2F7aXUpqqPzLGRZXyHWjBtmWurNcV6MUv5rjaoqCIHW7y573Q0%2FBMjM6%2FuL08E6DXMPcxwlij3XbZd0C5uMxgQkZ4odgH%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237812f8bbf711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?type=vpaid&lid=100&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?type=multiple_pod&lid=100&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?pid=0&dn=imasdk.googleapis.com&if=friendly&asys=VPAIDIMA3&vad=t&atag=f&mtypes=application%2Fjavascript&lid=29&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?omData=%5B%5D&lid=129&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?es=abandon&ai=IMA3&qy=195248362&ar=noVerifications&lid=87&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtimp
g.bidbrain.app/ Frame 0488
0
805 B
Ping
General
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame F942
58 KB
20 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e57d6b6a8ffe3fe418542e6723bfa1180e3cfd54329b786a311bfedd16cfe27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20942
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:16:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:43:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5A63
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
27989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 08:55:12 GMT
expires
Fri, 08 Nov 2024 08:55:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame CFD4
0
381 B
Ping
General
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
cc.jpeg
px.vliplatform.com/iv-v4/
0
499 B
Image
General
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-yqrAreZK-Ptae-PYUP-MrqT-aPYKPrZUatAqRqxeNRwNcso_YKRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTBTARleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERso9ZL9TMynLxGCR7seh%2Fep9xgAAkDQXxxtaADp3G6Lrb08KO0JQYwgBThODtgemjaBD%2FPpeHbJ0F5BBRNiokK%2FTXVLkCgC37QTNQSL6tPpTVdcwx7WzfGvtp7mhOBejwoBA0rnqxH%2FDXRXAQGBGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781303cf9711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame F942
44 KB
16 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/22876227373/Value_oRTB_VAST%26description_url%3D%7Bdomain%7D%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C250x300%257C300x250%257C300x600%257C320x480%257C400x300%257C480x320%257C600x300%257C600x600%257C640x360%257C640x480%257C720x1280%257C720x1560%257C720x1600%257C729x1280%257C768x1024%257C960x540%257C970x250%257C1024x768%257C1080x1080%257C1080x2220%257C1200x628%257C1280x720%257C1920x800%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26vad_type%3Dlinear%26url%3D%7Bdomain%7D%26channel%3Dvastadp
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8095a837fae56876f0f9996bf69fa68537720ba8aa863d7c9aec3e3def04008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:33:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16140
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:16:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:48:22 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 5A63
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 08:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
114860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 08:47:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F942
363 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/22876227373/Value_oRTB_VAST%26description_url%3D%7Bdomain%7D%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C250x300%257C300x250%257C300x600%257C320x480%257C400x300%257C480x320%257C600x300%257C600x600%257C640x360%257C640x480%257C720x1280%257C720x1560%257C720x1600%257C729x1280%257C768x1024%257C960x540%257C970x250%257C1024x768%257C1080x1080%257C1080x2220%257C1200x628%257C1280x720%257C1920x800%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26vad_type%3Dlinear%26url%3D%7Bdomain%7D%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Thu, 09 Nov 2023 16:41:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F942
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.866646203875596&wt=1699548101262&sdkv=h.3.600.0&xai=undefined&url=1,https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/22876227373/Value_oRTB_VAST%26description_url%3D%7Bdomain%7D%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C250x300%257C300x250%257C300x600%257C320x480%257C400x300%257C480x320%257C600x300%257C600x600%257C640x360%257C640x480%257C720x1280%257C720x1560%257C720x1600%257C729x1280%257C768x1024%257C960x540%257C970x250%257C1024x768%257C1080x1080%257C1080x2220%257C1200x628%257C1280x720%257C1920x800%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26vad_type%3Dlinear%26url%3D%7Bdomain%7D%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D98
190 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:41:41 GMT
index.html
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
11 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fde66dbe5ddd90a43eba6c1133cf2056c30639b34a3d776ea13fc43654b63e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3541
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
Fri, 08 Nov 2024 16:41:41 GMT
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5D98
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5UJ2KnahPlLwFIxFUCC3NIORBWC81zgndnh83tAJNZeMUNLAwIDtSwghAOHfpsmMx2x7hQXolEE2rOmOMmScQMnmz9rQeRqewgAaP4IJTFG-l2jpOOjS4BuGY6zmp5tK69I5OrgnWLOm7vM9NnRDFbPXEx3Fm-jh_CJYd0CGWNGw85x0ki6baZq_4MWKLW_sowiOWwK3LWJVfZn1e-FjbhyNilIzJ0wAYaBZJsoFP0v_zRKtUk1XbwkmBoz34vtjkgsilAHM9v_UdpcNg6-vXortaTm4cBqKm7fEDXqfnyDxhhdpdy_-AptQp42QnYQejSeBj8PrP9wG9_CL7TBc9K-Fk08u6Cq6z7BPLlm0FwZZfjuxnsz5Ug5Y_GimuJ1HWdgvTP5Vjhl_5JDXDffAyjj7NbN1zrlsHxPOecEd08kycqEuAJRY1hFnMP97q8uzZHJB-sQ0uPpBSI40oBYnV9_YVPJ44j2ByXsJRbScEi7pRYnxt1CDKokH8rF2DQvVA-XAPbiYxjf1rXbaisqUk4t3CIxii1HbzteuLMXGFVuJ3JgfrLI1bJ8kurT0kcwRBftKI1wBlWckUrHuwQYZ2r6jnSPzQTKLOmCCFtE_B9Q8UWSIKpS3aj4dgDsMaq9vajTrUQ65u0hQ_F7ykb9i8cBmMFmesgnUqondNRAidYV2r5zVLj0xmxrjCA2o_b5lJeTvarM0Xj6woHvfncYdYnpi1Xk72Ie4Fap6qsUuXOcXYSCqR8AB3GKnTkuQxoGKlFXc7popWHV_Ft1Pmdc2A3O6jkhetj0RNHegDAqsDa-3JAuKiI0aS4sj_mMy_-9GQoM-2ggStuoXio1VfA3DM8IKh3U_VpSxUXDKiEkrg9bZGpedIBP2NKFJqdfX2i0jDKb3EOC9u_8SnLA5um4dI76RreQQ_OhiP_MUeb93py-NxK9655gpV3LuwqHC6widv5BvaVrakS99ATlaPEceDZk40x30OCglVVTgjT2z6PU4QfUiZpR3vzeN-QQJ2IQzB4HsuNtJl99sLCWN3_DR1eYDLiMIVUg2-P8CddHIpqs6_Ya7JrbLL4BE9BVjiSc-REYfcd3YfVp9rdl0pc6Mbg8Cr4CP72KzcMZ9ZZmvzAp_63AHxkWOdj2uCfuadPU_47BLwBLF6-e61ahewfhxATvMEPXOh7e_ki7IXaYSAw6ZsDVfRx-ReIo_djdQCs-ezMaXnaoIA6uaz98LpPSFCiskSPot9hqSwekdpibtg_mujpu7wUKJfsE9Eqjt0qGCIYg0FCWVw9xR0SVQkWefUeC0ZgqQyUecarcVSiEBLzeXyT-CK_ncKIrYj8uVhIGgBXx_cN8BQqEKDHVH7W532rO-Zzs2OYcnlPHL5WQeDQM4AbmeMLEIy0X5NrqWh2ih4ihyCFqUU1lWXAWj9q5dTDMEb0E1Fg36sFnlGS58Iyk1eEdzlFdRONAym&sai=AMfl-YRT23RACcavFH2AXE8w0HrPAGBbbfJ26TEjnaah9FGlIyleGxVPgGk2uNnOt4SX-XfFERHc9_QpEOp_Hg7Hey5spvAQP3r2FA3v-J9RmVShz9OdwIqWIPEXlcjL1eUzCtfNFp9B0aNJXXlcKnpp8MBsPio1msf2leDdbFDanKeLKj37WqBxS9SQvKBvdDK5MdWiHC6yglA5r6oh6QDNHhSnJ9CxWOTEVnfeaIyD_AN8nU-Efx1HYGr1wHiNIyqT_7MclFJkpgjNOZvoVA&sig=Cg0ArKJSzA_wNCkM2WK4EAE&uach_m=[UACH]&pr=6:0.150000&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&cbvp=1&cstd=402&cisv=r20231106.00401&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A63
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCsxuxAtNZZmnMMmp_gSriJmoDAAAAAA4AeAEAg&bg=!7u2l7aLNAAb4oU7C2KE7ADQBe5WfOL1tzHzg_BgKO-45xSzwSh1_m9ip7v1r6eB7DL8D5XI0McaSMSC2kxPfXs078GMWAgAAAHBSAAAAB2gBB5kDSG-1uxdopgDA__CaUepoK7Z5TxQSPW6BqP83hkgetLrEM-Gs3FDcAeRHNDIG8FGNdfTChM0-bG0MXgetkm976KZtcxcjwl9RbuyrxSgfNuGbYVHrDjBleOPhenBMEGLIvlelx5Q9kYJukbs9fgPEfHUG8rZMA18BaOZBZE1QCf6cHoZoE2INbOIrLwKDrWx2Yio3EgBADlOCT7o9jO-rR9Asw08zVnRJm28Te1-HqW_6DPXv4WIAur5xUjlCT_2a6CsvopNoowieL59iVVPimOyUqLr9-py9_MF2ek0CcJqrQv0Bh1qyEMZptrL4aiioQy_lpQX0unkDeQ-5uZ8s7zn6iXkuWOi2xxzAuJp-Mp4B10LlTP3yMSkYBvkFQQCdEbpGzXDSocsMea_ypWel1pHIZwO9wNM5fShLG4OxnQepnSrWcnCJg8m-_2c1NGpcM5dwsYVAvA8ubefATIyZ2nB9WQLXvZr7asciRuaIdNs1HQGXH-FSJ7oHed8ytSmUrbQ1XDPacQoJFIpvP7MlOOc6vmuflwOfqivelBmgHao5Ylu-paMFzqP-Hdh1mjyKxu061CmmXgIIpB9FMaIit24FLUdO9ddoPypCR6ZCEYa34HTbDgrEKJnXtMLvVN0AxJrGEqaM60T8l9oUuikak7uaeHBCACPb2do2FUYx2stFnijhFRBdPw1a3liQA4Iyf-0nVEKzZ6WRQ-zNxXgslb7fAzfZeMG2lCUhRMV-shMUCX3gZ4FsGS8RRdW2oS2RTM1R4yEimoN15GuTjUEbKw5C2QYTjJtTDDe017YjULHYKcbvasRYoBBtKf9WavH3izxp5xtGkn8erKcMIz1QPYse51ZQOp9R2Sdje7yDHFJWXLxePU54bdgRy9uBx8jGzcZT_UMtbvoDbiVorYcLyAOwH_qzxVHNNrdxqPWNswV-dh1vgOZGajWyYdCZ6HcAvktdeyfe3WJhdroxz5Eoxh9ghsXC7pP2xOd9yDWLGzApFVnBvA8pVhAELmbK3FMuwlhqqz4_0cJpzLnex53U6HaiR_nM4YSrE3h_6adnZCs7T_65GreEiKEjJwRJml1R_RNx2BpKaB_tfdbYodiQyYIK4NF4JpppEg
Requested by
Host: 343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL: https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pnm6xtq.css
use.typekit.net/ Frame A9EB
11 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/pnm6xtq.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:b800:40::1730:a2d0 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
30becf1c6bffbd9ea5c90f47c264b8df81a160a5714d5221785dd18d968bf98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 09 Nov 2023 16:41:41 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1257
adlib.css
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
6 KB
2 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1924
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
adStyle.css
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
2 KB
773 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f16f39da331cdf153d6c09ea0518b8f586634c6f14ee0f70c6bf54e52253c5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
678
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame A9EB
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 17:29:33 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A9EB
57 KB
23 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 16:41:41 GMT
MotionPathPlugin.min.js
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
18 KB
8 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/MotionPathPlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b9608536b37a41bc7773906811ba161c2aebc1c2bc849799b62d3fd15e6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8295
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
CustomEase.min.js
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
7 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f558a9a6eeef180607677837bb37b6fbc068d907b89e35f694665e96eb816c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3561
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
vrbo_tile.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
596 B
490 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_tile.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96338f8cff2f2ae8149b47e3ca60afe09128fa9b26a6b14086121b68eed99b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
vrbo_wordmark_blue.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
6 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_wordmark_blue.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58681421a17125b5a0c3c78602010948a98931e33eeb0c7926987fe0fdc5403d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2776
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
vrbo_v_blue.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
2 KB
926 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_v_blue.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba59ceff66dd9e45fda6233fdd69da752c08275a7bba5e5c6beaa66d08dee7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
vrbo_v_color.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
2 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_v_color.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77ab31299e91c452d66639dbb4ce1586efba5c64c16919d899f5b28b238bcb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1015
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
textFit.js
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
8 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/textFit.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2875
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
21 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57091
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6133
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:10 GMT
animation.js
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
4 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d917a8df274a8599c85eba9fe3c6fe6b12f605508794d7c84cea85d188a680ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 9CF4
754 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:35:07 GMT
expires
Thu, 07 Nov 2024 16:35:07 GMT
last-modified
Thu, 02 Nov 2023 19:38:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame F942
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 16:41:41 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0644
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 09 Nov 2023 17:32:46 GMT
/
hde.tynt.com/deb/ Frame ABB7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
2 KB
2 KB
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
ed6e5a75a8532a78b171f718a5ac9865f5b3ba77b7fdac801d5bbd271e0c215c

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1596
content-type
text/html
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5178507491
  • https://sync.1rx.io/usersync/tradedesk/0633bcd8-fc67-447d-af38-f03f3b151a77
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Date
Thu, 09 Nov 2023 16:41:41 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX10ee9d11923d437482cba9de0ccf37c2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ads
pubads.g.doubleclick.net/gampad/ Frame 9CF4
133 KB
19 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22876227373%2FValue_oRTB_VAST&description_url=%7Bdomain%7D&tfcd=0&npa=0&sz=1x1%7C250x300%7C300x250%7C300x600%7C320x480%7C400x300%7C480x320%7C600x300%7C600x600%7C640x360%7C640x480%7C720x1280%7C720x1560%7C720x1600%7C729x1280%7C768x1024%7C960x540%7C970x250%7C1024x768%7C1080x1080%7C1080x2220%7C1200x628%7C1280x720%7C1920x800&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=auto&type=js&vad_type=linear&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.600.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3154496095&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=AB2FD79D-657F-4170-AC44-335EB828ACBC&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802463&ref=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&dt=1699548101733&cookie=ID%3D7fc7c527f6f73f5a%3AT%3D1699548099%3ART%3D1699548099%3AS%3DALNI_MbQKVUeM_WIewMOkuSKM4OO-l7Y5Q&gpic=UID%3D00000da0e7250dd6%3AT%3D1699548099%3ART%3D1699548099%3AS%3DALNI_Ma1bSb1DhDzosaA-wtSkvVS4mRaSQ&correlator=361491135809915&scor=3649272495753073&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
833fe9fd73ea9b06362c91484d862f54fd1fba084c65e6a11b09e5a09ce5cf00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19710
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 032F
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
p.css
p.typekit.net/ Frame A9EB
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=pnm6xtq&ht=tk&f=10879.10881.10882.10884.10885.10886.10887.15586.15357.15358.15359.15361.15362.15363.32874.32875&a=101553698&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pnm6xtq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:b800:40::1730:a2d0 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
last-modified
Fri, 07 Jul 2023 12:42:39 GMT
server
nginx
etag
"64a8083f-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
view
googleads4.g.doubleclick.net/pcs/ Frame 5D98
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5UJ2KnahPlLwFIxFUCC3NIORBWC81zgndnh83tAJNZeMUNLAwIDtSwghAOHfpsmMx2x7hQXolEE2rOmOMmScQMnmz9rQeRqewgAaP4IJTFG-l2jpOOjS4BuGY6zmp5tK69I5OrgnWLOm7vM9NnRDFbPXEx3Fm-jh_CJYd0CGWNGw85x0ki6baZq_4MWKLW_sowiOWwK3LWJVfZn1e-FjbhyNilIzJ0wAYaBZJsoFP0v_zRKtUk1XbwkmBoz34vtjkgsilAHM9v_UdpcNg6-vXortaTm4cBqKm7fEDXqfnyDxhhdpdy_-AptQp42QnYQejSeBj8PrP9wG9_CL7TBc9K-Fk08u6Cq6z7BPLlm0FwZZfjuxnsz5Ug5Y_GimuJ1HWdgvTP5Vjhl_5JDXDffAyjj7NbN1zrlsHxPOecEd08kycqEuAJRY1hFnMP97q8uzZHJB-sQ0uPpBSI40oBYnV9_YVPJ44j2ByXsJRbScEi7pRYnxt1CDKokH8rF2DQvVA-XAPbiYxjf1rXbaisqUk4t3CIxii1HbzteuLMXGFVuJ3JgfrLI1bJ8kurT0kcwRBftKI1wBlWckUrHuwQYZ2r6jnSPzQTKLOmCCFtE_B9Q8UWSIKpS3aj4dgDsMaq9vajTrUQ65u0hQ_F7ykb9i8cBmMFmesgnUqondNRAidYV2r5zVLj0xmxrjCA2o_b5lJeTvarM0Xj6woHvfncYdYnpi1Xk72Ie4Fap6qsUuXOcXYSCqR8AB3GKnTkuQxoGKlFXc7popWHV_Ft1Pmdc2A3O6jkhetj0RNHegDAqsDa-3JAuKiI0aS4sj_mMy_-9GQoM-2ggStuoXio1VfA3DM8IKh3U_VpSxUXDKiEkrg9bZGpedIBP2NKFJqdfX2i0jDKb3EOC9u_8SnLA5um4dI76RreQQ_OhiP_MUeb93py-NxK9655gpV3LuwqHC6widv5BvaVrakS99ATlaPEceDZk40x30OCglVVTgjT2z6PU4QfUiZpR3vzeN-QQJ2IQzB4HsuNtJl99sLCWN3_DR1eYDLiMIVUg2-P8CddHIpqs6_Ya7JrbLL4BE9BVjiSc-REYfcd3YfVp9rdl0pc6Mbg8Cr4CP72KzcMZ9ZZmvzAp_63AHxkWOdj2uCfuadPU_47BLwBLF6-e61ahewfhxATvMEPXOh7e_ki7IXaYSAw6ZsDVfRx-ReIo_djdQCs-ezMaXnaoIA6uaz98LpPSFCiskSPot9hqSwekdpibtg_mujpu7wUKJfsE9Eqjt0qGCIYg0FCWVw9xR0SVQkWefUeC0ZgqQyUecarcVSiEBLzeXyT-CK_ncKIrYj8uVhIGgBXx_cN8BQqEKDHVH7W532rO-Zzs2OYcnlPHL5WQeDQM4AbmeMLEIy0X5NrqWh2ih4ihyCFqUU1lWXAWj9q5dTDMEb0E1Fg36sFnlGS58Iyk1eEdzlFdRONAym&sai=AMfl-YRT23RACcavFH2AXE8w0HrPAGBbbfJ26TEjnaah9FGlIyleGxVPgGk2uNnOt4SX-XfFERHc9_QpEOp_Hg7Hey5spvAQP3r2FA3v-J9RmVShz9OdwIqWIPEXlcjL1eUzCtfNFp9B0aNJXXlcKnpp8MBsPio1msf2leDdbFDanKeLKj37WqBxS9SQvKBvdDK5MdWiHC6yglA5r6oh6QDNHhSnJ9CxWOTEVnfeaIyD_AN8nU-Efx1HYGr1wHiNIyqT_7MclFJkpgjNOZvoVA&sig=Cg0ArKJSzA_wNCkM2WK4EAE&uach_m=[UACH]&pr=6:0.150000&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=960&vt=11&dtpt=547&dett=3&cstd=402&cisv=r20231106.00401&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame ECD1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3axaThmZfNgIeWB48uU82e8ZUcGGDDKyE2UWJ4L0sJe4na3A9dXbT7XmE1RyOyHgdVH5TsqR_yiuGn77WldGlgq2x-OIPx4PSqIccbaxbdUJQH5VmyC9cn0ruYIL_aPELiDqHh_0Bk3lPa1PUodmLvD8W9XQb27UpyEjXF7avio24KSnXon568nGcCy1wBITPg6CTFlZHpvA0O9OypgevoHr1qXQBAN7wGIoTDccoOd4jG_xaLiblVWe7bTXHo46isWovLKwXQxoANBMUkCwSmK0zB7PysdS-jODhMqQFhMkKnTpw_N-BtRDTLoHS_pJoM3mHAnuZZciJcuMMQRoo0Iz6oT9MkLmwVjxtOa3aszlTVdQ4b8T2Jbjny-W0xa5FutwmNhQ&sai=AMfl-YS1qKqZco__LqHhSc-MVfmcW4Vc_5Ch05bIUCZLePd1aPDdfGfq_wRfziYNmRTQ0JHY_P_MACYr80Ymf_hJw1qj0HtXFoOguevTAfv72Q1b3Ny6U4X-SOhY6eqMKPc&sig=Cg0ArKJSzEfYD3-yrGqLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Nov 2023 16:41:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0488
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb39T7w8R43SxaRKHhP37lzgS8WIZo4N3JDH8c4-l6PQBFwulQfCt6XVrjj2MqjexEqTc29FmeuslpR954vD4gdyPYiFDgr8rEQhBAlNGLs6xr4N_iVw&sig=Cg0ArKJSzOz4CwcF0LDfEAE&id=lidar2&mcvt=1010&p=288,315,378,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3444978212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699548099725&rpt=1174&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A9EB
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c837a7157c185d7edcf294f90f2fb1e2a905630acc4862e6aed332599f3266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5987
x-xss-protection
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
359943
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/
0
0

sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=AzCq4HxraXhxUms5a0N1UGtFbWYzVk85S3FscnY3NWVLY0JSN0p5bUh5TzlzdHZaVFlqMmF3dTc2QzR1T0ltSUZqMUlYSWdFb3NYWitnV0hJZ052THBpamtxWUVWVFhFZ0J6SXo0bEUwL2t1L0JSL2dCd1pSeDRHV05oWW...
362 B
650 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=AzCq4HxraXhxUms5a0N1UGtFbWYzVk85S3FscnY3NWVLY0JSN0p5bUh5TzlzdHZaVFlqMmF3dTc2QzR1T0ltSUZqMUlYSWdFb3NYWitnV0hJZ052THBpamtxWUVWVFhFZ0J6SXo0bEUwL2t1L0JSL2dCd1pSeDRHV05oWWk3ZzZtTS9FTFJZVE5yNS9WVGV6Y1R1NGpxdFVhcTl4SlRkK2VkTWhkRmRzMGxIdzAwYnlVQWRFNndXOGUxRDdsWG1nMm5FTUd4eVFmbG5yVExrODRwTFZneXhnZWZoaGlyQmVVV3J3MXVKQkxrbjQrcHJpZHJOK0gweUtsVjkxcmg3blZvZEVJfA&cppv=2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
64ac99bf449022f3c4df96d5205e4a48e44dd0ef483c70b087da40b8d1ba62b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
706536
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.com
location
https://mug.criteo.com/sid?cpp=AzCq4HxraXhxUms5a0N1UGtFbWYzVk85S3FscnY3NWVLY0JSN0p5bUh5TzlzdHZaVFlqMmF3dTc2QzR1T0ltSUZqMUlYSWdFb3NYWitnV0hJZ052THBpamtxWUVWVFhFZ0J6SXo0bEUwL2t1L0JSL2dCd1pSeDRHV05oWWk3ZzZtTS9FTFJZVE5yNS9WVGV6Y1R1NGpxdFVhcTl4SlRkK2VkTWhkRmRzMGxIdzAwYnlVQWRFNndXOGUxRDdsWG1nMm5FTUd4eVFmbG5yVExrODRwTFZneXhnZWZoaGlyQmVVV3J3MXVKQkxrbjQrcHJpZHJOK0gweUtsVjkxcmg3blZvZEVJfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
360830
content-length
0
expires
0
prebid
id5-sync.com/api/config/
135 B
420 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08D3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55857
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame A99A
2 KB
744 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b9f9670c6bf7b7fbe0f66392e0c168ab44a84b797b473aceab575eceb3e19a70

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
654
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:41 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 71FD
3 KB
1 KB
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1699548098344
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
584f59e5cda07a596ee486d8681e3262e50032716714cfc722feace664a9e0f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
976
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pbjs
sync.quantumdex.io/usersync/ Frame D2AE
5 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4adb52deb89fb76426cdcee5e9bb016b5f6b6b0d415c9bb32084fb1b460f9302

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82378135af5b36fa-YYZ
content-encoding
gzip
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
server
cloudflare
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1652812984930789700&gdpr=0&gdpr_consent=
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1652812984930789700&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
34.195.47.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-47-71.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1652812984930789700&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2572705412202874115175
49 B
831 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2572705412202874115175
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2572705412202874115175
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0633bcd8-fc67-447d-af38-f03f3b151a77&pubid=4d443a3ea2
49 B
845 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0633bcd8-fc67-447d-af38-f03f3b151a77&pubid=4d443a3ea2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0633bcd8-fc67-447d-af38-f03f3b151a77&pubid=4d443a3ea2
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Kestrel
content-length
227
usersync
match.bnmla.com/
0
0

us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
49 B
853 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/
0
242 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2305:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:30 GMT
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
12
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
9Ge80FIN1DzUJ-zc925pXAXazI_RYMso6P98_RlRNa6NmuxbK0Uqow==
user-sync
sync.adkernel.com/
0
0
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2623020820975271758
49 B
751 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2623020820975271758
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2623020820975271758
Date
Thu, 09 Nov 2023 16:41:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0ae73278-118f-48e2-a540-04f48fc05f21&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cUk1aUVQcWhvdlp3VmYwY0pibTUyZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEODZ_DFzMf4_k5zDtj1wVMw&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b8hXQzY7XWqJ
49 B
820 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b8hXQzY7XWqJ
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b8hXQzY7XWqJ
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=6f7d3936a1bf4aa2a53306b303f7cfb0&gdpr=0&gdpr_consent=0
43 B
422 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=6f7d3936a1bf4aa2a53306b303f7cfb0&gdpr=0&gdpr_consent=0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=6f7d3936a1bf4aa2a53306b303f7cfb0&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
4
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
506 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Apache-Coyote/1.1
content-length
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=0ae73278-118f-48e2-a540-04f48fc05f21
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D340635126&pcid=$UID
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=340635126&pcid=8365386662731688929
43 B
1 KB
Image
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=340635126&pcid=8365386662731688929
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
18.67.76.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-44.iad89.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
via
1.1 92ed8a6103fa735c31caf49b92d4efb6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
LJJ2mu1oLZOG9G8TwYozwerXS-IH2uswtbhTHC_aSoC4uROQM9jn2g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
c1d40f61-b41c-43bb-aa68-74de047eeb5b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=340635126&pcid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p
a.audrte.com/
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGQ0QkRKeGtVZjVSY3FHY2g3OEZ5M0xoZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGRkNEJESnhrVWY1UmNxR2No...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=191916075475754370&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=dd4BDJxkUf5RcqGch78Fy3Lhg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=1652812984930789700&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
52.50.95.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=900a7312-587b-4c80-b9f1-5f394329dfc0
49 B
845 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=900a7312-587b-4c80-b9f1-5f394329dfc0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=900a7312-587b-4c80-b9f1-5f394329dfc0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ID1=0ae73278-118f-48e2-a540-04f48fc05f21
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/
0
0
Image
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=0ae73278-118f-48e2-a540-04f48fc05f21
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=0ae73278-118f-48e2-a540-04f48fc05f21
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JMJQ37N26T6J99Z9MZY5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

all
ssl-market-east.smrtb.com/sync/
0
0

us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=cf34NU9bylU0hAu57blx&pi=sonobi&tc=1
49 B
752 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=cf34NU9bylU0hAu57blx&pi=sonobi&tc=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=cf34NU9bylU0hAu57blx&pi=sonobi&tc=1
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT, Thu, 09 Nov 2023 16:41:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MGFlNzMyNzgtMTE4Zi00OGUyLWE1NDAtMDRmNDhmYzA1ZjIx
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEK0gF6-ESvPTPwzDehHfnpc&google_cver=1
49 B
839 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEK0gF6-ESvPTPwzDehHfnpc&google_cver=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEK0gF6-ESvPTPwzDehHfnpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
30907
tags.bluekai.com/site/
62 B
454 B
Image
General
Full URL
https://tags.bluekai.com/site/30907?id=0ae73278-118f-48e2-a540-04f48fc05f21
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.128.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-128-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 09 Nov 2023 16:41:43 GMT
content-length
62
content-type
image/gif
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
54.158.26.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-26-120.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-004a9b0ff.edge-va6.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Y2NSrzk2SqM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v052-09db52877.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LUdAkaczShE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=0ae73278-118f-48e2-a540-04f48fc05f21
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d389a46b-20c1-48eb-a0d8-84e096eb65fb
49 B
582 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d389a46b-20c1-48eb-a0d8-84e096eb65fb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d389a46b-20c1-48eb-a0d8-84e096eb65fb
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=GhLl1WHJVBRctqE9BNKSB0YZ_7Y
49 B
760 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=GhLl1WHJVBRctqE9BNKSB0YZ_7Y
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=GhLl1WHJVBRctqE9BNKSB0YZ_7Y
Date
Thu, 09 Nov 2023 16:41:42 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
info
uipglob.semasio.net/dbm/1/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=0ae73278-118f-48e2-a540-04f48fc05f21&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=0ae73278-118f-48e2-a540-04f48fc05f21&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/8/2.gif?puid=3bb9e9c8-0485-4926-b486-156051b1d83a&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=0633bcd8-fc67-447d-af38-f03f3b151a77&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/5/5.gif?puid=8365386662731688929&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/4/6.gif?puid=u_cc95bf89-ecab-4cac-b993-eaf62f7cb946&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/112/3/7.gif?puid=91136523C92BA8FE&gdpr=0&gdpr_consent=
  • https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F987%2F2%2F8.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/987/2/8.gif?puid=di_bf19b4b662464003b6b1d&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAEZk07KmhgAABRwTZiIEg&id5AccountNum=155&numCascadesAllowed=9
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTExMzY1MjNDOTJCQThGRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAHZQXMKJNuCO8E97gUEaRg&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw&...
0
0

setuid
x.videobyte.com/
0
51 B
Image
General
Full URL
https://x.videobyte.com/setuid?bidder=sonobi&uid=0ae73278-118f-48e2-a540-04f48fc05f21&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.142.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-142-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
content-length
0
vary
Origin
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=bbed91187039492fad91187039692fcc
49 B
765 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=bbed91187039492fad91187039692fcc
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:41:42 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://securityaffairs.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=bbed91187039492fad91187039692fcc
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=191916075475754370&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 09 Nov 2023 16:41:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8365386662731688929
49 B
827 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8365386662731688929
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
0c8b5cf7-7531-4372-bfc5-867d99749e58
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=0ae73278-118f-48e2-a540-04f48fc05f21
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3bb9e9c8-0485-4926-b486-156051b1d83a%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8365386662731688929&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8365386662731688929&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
a54a0dee-9ac2-4020-8bcd-07d168913f57
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8365386662731688929&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2075%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1370374581
  • https://sync.1rx.io/usersync3/mediamathtest/2075/b409654d-0bc3-4900-a46b-45ca742dc72d?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-10ee9d11-9...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
43 B
497 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
23.105.12.137 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Date
Thu, 09 Nov 2023 16:41:43 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX10ee9d11923d437482cba9de0ccf37c2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
PugMaster
image6.pubmatic.com/AdServer/ Frame 08D3
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15683767&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
696e31294b42e06bb6fc2d954667a3c21f9d4ae37b0f5a898244850fd5ca8eb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 16:41:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cframe.js
assets.a-mo.net/js/ Frame A99A
12 KB
5 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7f9289b9e9b768f4add47941d29f127d5e3343774de111f7e68a9af81e33f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
via
1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C1
age
448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 13 Oct 2023 17:01:58 GMT
server
cloudflare
etag
W/"d89490fe715814f9971fe560ac2c7b5c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
823781385987711a-YYZ
x-amz-cf-id
f4bhC3C8CEv7NaJ5Sg60scfZ8YvWqyNg_pLIUqgHclM1VoPOocO4rA==
expires
Thu, 09 Nov 2023 17:41:42 GMT
tap.php
pixel.rubiconproject.com/ Frame 71FD
42 B
805 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=zPYvhfCNwmFd7YYoylXFKG3l2nXvoZBgm2uk3g0SLaw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699548098344
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 71FD
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699548098344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:40 GMT
content-length
0
sync
x.bidswitch.net/ Frame 71FD
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1699548098344
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
vrbo_wordmark_blue.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
6 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_wordmark_blue.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58681421a17125b5a0c3c78602010948a98931e33eeb0c7926987fe0fdc5403d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2776
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
vrbo_tile.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
596 B
441 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_tile.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96338f8cff2f2ae8149b47e3ca60afe09128fa9b26a6b14086121b68eed99b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:50:09 GMT
vrbo_v_blue.svg
s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/ Frame A9EB
2 KB
888 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/vrbo_v_blue.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba59ceff66dd9e45fda6233fdd69da752c08275a7bba5e5c6beaa66d08dee7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 08:57:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 02:03:22 GMT
CA-EN_Frame_1_Image_3_380_1.00.jpeg_1689012912899_CA-EN_Frame_1_Image_3_380_1.00.jpeg
s0.2mdn.net/dynamic/2/11101539/cdn.ad-lib.io/v3/partners/63a31d9b011c4212f3027a8f/assets/singleFiles/6470be5f0d46576c00e273e9/original/ Frame A9EB
157 KB
157 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11101539/cdn.ad-lib.io/v3/partners/63a31d9b011c4212f3027a8f/assets/singleFiles/6470be5f0d46576c00e273e9/original/CA-EN_Frame_1_Image_3_380_1.00.jpeg_1689012912899_CA-EN_Frame_1_Image_3_380_1.00.jpeg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbb7c5a656d9f3abc2189c0bc346a69c5312670d7eb8a05021202ed7916a6825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:11 GMT
x-content-type-options
nosniff
age
57091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161052
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 18:15:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 00:50:11 GMT
Headline_2_Image_0_1116_1.00.jpeg_1689012912899_Headline_2_Image_0_1116_1.00.jpeg
s0.2mdn.net/dynamic/2/11101539/cdn.ad-lib.io/v3/partners/63a31d9b011c4212f3027a8f/assets/singleFiles/6470b1b40d46573734e0d982/original/ Frame A9EB
104 KB
104 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11101539/cdn.ad-lib.io/v3/partners/63a31d9b011c4212f3027a8f/assets/singleFiles/6470b1b40d46573734e0d982/original/Headline_2_Image_0_1116_1.00.jpeg_1689012912899_Headline_2_Image_0_1116_1.00.jpeg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b00ceb0b495b030fef19b9ef1513d31e6d1bf2f976c32426359cd64d754338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4220394334702272512/728x90-VRBO_A_Place_For_Together/index.html?e=69&leftOffset=0&topOffset=0&c=xvAI7mwwmL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:50:11 GMT
x-content-type-options
nosniff
age
57091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106213
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 18:15:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 00:50:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A9EB
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:41:42 GMT
l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ Frame A9EB
41 KB
42 KB
Font
General
Full URL
https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?subset_id=2&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pnm6xtq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:b800:40::1730:a2d0 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c

Request headers

Referer
https://use.typekit.net/pnm6xtq.css
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
nginx
etag
"87868ea7533b245fa343d5fd2e370ee0daee1db8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
42384
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781374af236fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8365386662731688929
43 B
105 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8365386662731688929
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781371a8336fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
902d9ada-3c8a-42ca-baca-8809d4306e72
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ff06b7ad-b9e4-47bf-b825-73a856945536
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ff06b7ad-b9e4-47bf-b825-73a856945536
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781371a7c36fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ff06b7ad-b9e4-47bf-b825-73a856945536
date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
0
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame D2AE
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3b9956e3-687b-30c9-a1e9-82f1b29fa62f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
176 B
Image
General
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3b9956e3-687b-30c9-a1e9-82f1b29fa62f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjk5NTZlMy02ODdiLTMwYzktYTFlOS04MmYxYjI5ZmE2MmYQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtM2I5OTU2ZTMtNjg3Yi0zMGM5LWExZTktODJmMWIyOWZhNjJmMgIYHjgB&gdpr=&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3b9956e3-687b-30c9-a1e9-82f1b29fa62f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjk5NTZlMy02ODdiLTMwYzktYTFlOS04MmYxYjI5ZmE2MmYQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtM2I5OTU2ZTMtNjg3Yi0zMGM5LWExZTktODJmMWIyOWZhNjJmMgIYHjgB&gdpr=&gdpr_consent=
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-3541872145299294774
  • https://sync.quantumdex.io/setuid?bidder=between&uid=dc6c0739-7917-5339-b4a9-2d75d1e426b3
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=dc6c0739-7917-5339-b4a9-2d75d1e426b3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82378139af9636fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=dc6c0739-7917-5339-b4a9-2d75d1e426b3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=ee30eb1cd0
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=ee30eb1cd0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781374af736fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

date
Thu, 09 Nov 2023 16:41:37 GMT
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
5
x-cache
Hit from cloudfront
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=ee30eb1cd0
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
A1SbOx8aUSy6uGp8rnLH5SwwwToilYsN3aX9uXv4dnqZ99YkrKvoNQ==
setuid
sync.quantumdex.io/ Frame D2AE
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-55d2Z7L7yWNDtNNTC0aQHjus8D12Q0m31cFL_FIzDw
43 B
118 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-55d2Z7L7yWNDtNNTC0aQHjus8D12Q0m31cFL_FIzDw
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8237813baae836fa-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-55d2Z7L7yWNDtNNTC0aQHjus8D12Q0m31cFL_FIzDw
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
sync-iframe
cs-server-s2s.yellowblue.io/ Frame CBBB
2 KB
3 KB
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9bf4c2f132831a2ee01658fad9341c06e92b4eb125d781954786b29020b4a3d1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame 656C
342 B
669 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ae5cc7d03d9191695f4a4f61d52b54f268725064072406312852bfdf66c743ba

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame 69FC
342 B
669 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
65defb5ca1039cb180b3ccc0b52e5c89b918b2944d44a3de3a21698e5733abf5

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame F8CE
704 B
1 KB
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
87d810140b99372801b4a71071289e95c75433620f5882bcd81851224f5d2352

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
704
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
Pragma
no-cache
Server
nginx
sync
eb2.3lift.com/ Frame 4B83
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d0596452f678cd025457ff1d25f79daaef983441162f3564a4abade6a6bf86f9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
sync.quantumdex.io/ Frame D578
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
95 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
823781387d5936fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Thu, 09 Nov 2023 16:41:42 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Transfer-Encoding
chunked
usermatch
ssum-sec.casalemedia.com/ Frame 6910
2 KB
1014 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f215026833db985bfc1c8636bcc253367c0f47ef67c432afd25079e104f8855e

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
823781381c335431-YYZ
content-encoding
br
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aIWUU0PZNYU4AFXwYcI2aQBNWyf0JwPbGwnL%2BBTimMaelcbSKAtQqRTPNXdve1IcxOysxIkCa33jgqNYN1vQasA84keiUeAHl4oz75RzQp312o7HVEG8OEW6ot0WEWeygs1hl9O9wS%2B4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDD0
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55857
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 27A5
3 KB
1 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
4c2dc1863b5ed1146f85d081f02c14d6cd96eae58470f8e98286734d34f67564
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1012
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csi
csi.gstatic.com/ Frame 9CF4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lorf2437&c=5015548753147&slotId=2507774376573.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=4bLBNqAfqec&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 7E34
439 B
909 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
2f44455777d48423bc31aeda7cdc83ce970f82fbce9614a591376cf14c7a560c

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
439
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
Pragma
no-cache
Server
nginx
dcm
s.amazon-adsystem.com/ Frame 1E7B
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=28C0E945-35F4-407E-84C4-B03C0320B0C6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JY2REHH3277YYYX5W53R
Pug
image2.pubmatic.com/AdServer/ Frame 640D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWmswN0ttaGdBQUJSd1RaaUlFZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAEZk07KmhgAABRwTZiIEg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEZk07KmhgAABRwTZiIEg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1652812984930789700&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAEZk07KmhgAABRwTZiIEg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1652812984930789700%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1652812984930789700&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEZk07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZk07KmhgAABRwTZiIEg&gdpr=0&gdpr_consent=
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZk07KmhgAABRwTZiIEg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZk07KmhgAABRwTZiIEg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7334
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8365386662731688929&gdpr=0&gdpr_consent=
42 B
237 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8365386662731688929&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
aacda3b7-7874-4626-b090-b42062abc11f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8365386662731688929&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6F26
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZU0LxgAAAD32KAAj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4530-YYZ
x-timer
S1699548103.663105,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 09 Nov 2023 16:41:42 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZU0LxgAAAD32KAAj
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4530-YYZ
x-timer
S1699548103.561580,VS0,VE20
141
match.deepintent.com/usersync/ Frame 1724
0
338 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame E0F2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dce39620-7f1e-11ee-97d5-513f6ca673b5
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f834df05-11bc-41e4-98eb-79c0baa615d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f834df05-11bc-41e4-98eb-79c0baa615d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:44 GMT
Keep-Alive
timeout=5, max=2998
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f834df05-11bc-41e4-98eb-79c0baa615d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
image2.pubmatic.com/AdServer/ Frame 8E2B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
42 B
422 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame 8EEC
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2623020820975271758
42 B
273 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2623020820975271758
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 09 Nov 2023 16:41:42 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2623020820975271758
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
getuid
ads.avct.cloud/ Frame 1A3D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 01BC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&gdpr=0&gdpr_consent=
42 B
380 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GhLl1WHJVBRctqE9BNKSB0YZ_7Y&gdpr=0&gdpr_consent=
cs
cs-server-s2s.yellowblue.io/ Frame 1CEA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:n0gkqEed1R186a5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=28C0E945-35F4-407E-84C4-B03C0320B0C6
0
322 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 09 Nov 2023 16:41:43 GMT
server
istio-envoy
x-envoy-upstream-service-time
3

Redirect headers

content-length
115
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=28C0E945-35F4-407E-84C4-B03C0320B0C6
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame CFEF
43 B
362 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:41:41 GMT
expires
Thu, 09 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
441550
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 07D0
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=552da1a9-f27d-4896-b9db-1e4281b89c01&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6
42 B
517 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.166.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-166-52.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:42 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 09 Nov 2023 16:41:42 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=28C0E945-35F4-407E-84C4-B03C0320B0C6
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
insync
thrtle.com/ Frame 08D3
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=4d4d7b4d-0a44-4555-b229-39852e0b77cd
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=4d4d7b4d-0a44-4555-b229-39852e0b77cd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Server
44.199.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-53-197.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=28C0E945-35F4-407E-84C4-B03C0320B0C6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=4d4d7b4d-0a44-4555-b229-39852e0b77cd
date
Thu, 09 Nov 2023 16:41:42 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 08D3
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 08D3
43 B
359 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-207-29.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 08D3
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.178.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-178-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 09 Nov 2023 16:41:41 GMT
28C0E945-35F4-407E-84C4-B03C0320B0C6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 08D3
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/28C0E945-35F4-407E-84C4-B03C0320B0C6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:c4e3:8320:b906:8d19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 08D3
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=478579be86c7154c&is_secure=true&networkId=17100&version=1&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHkPcm_Xh5jgMBDNpJAAAAAAA&expiration=1699634502&nuid=28C0E945-35F4-407E-84C4-B03C0320B0C6&...
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
0
0
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 08D3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5e872b9c-c8d1-475f-a771-4666c6760cd7&gdpr=0&gdpr_consent=
0
0
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5e872b9c-c8d1-475f-a771-4666c6760cd7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5e872b9c-c8d1-475f-a771-4666c6760cd7&gdpr=0&gdpr_consent=
Date
Thu, 09 Nov 2023 16:41:42 GMT
Connection
keep-alive
X-CI-RTID
2a034eb2-14e3-4d7b-85a0-aa42083208c8
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 08D3
0
287 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.239.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-239-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 08D3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 09 Nov 2023 16:41:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sn.ashx
pmp.mxptint.net/ Frame 08D3
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10BE2BB19_4AAC929F&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-382552902; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-382552902; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 08D3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2513037740847063967&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
40 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame FF9D
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 08:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
114861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 08:47:21 GMT
csi
csi.gstatic.com/ Frame 9CF4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lorf24hs&c=5015548753147&slotId=2507774376573.5&qqid=CIjbjIeut4IDFWWO0QQd7GoDFQ&gqid=xQtNZeSpMK3jxtYP_LCWqAk&fb=ima_html5-lima&sdkv=h.3.600.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44802463&met.4=ghmsh_s.lorf24hw~ghmsh_s.lorf24hx&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CumI2nIwY3KS-4wp
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CF4
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.600.0%2Fvpaid_adapter&e=44752052%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=2007273437808333&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 9CF4
453 B
478 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-3990748024667386
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:55:17 GMT
x-content-type-options
nosniff
age
2785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:45:17 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
65 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CsQ91xQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAGgBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&sigh=STELCC7kMQ4&label=show_ad&sdkv=h.3.600.0/vpaid_adapter&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwOTEzMzMyOTM1MjIMNjc4ODQyODY0NjM0QM4DUiMQDyUAAHBBKAE6CzRiTEJOcUFmcWVjQglnb29nbGVhZHNQABgB
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 9CF4
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CzfYzxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kuSBREIEhAFGA8w59P-gOqmsNnhAaAGVIAHsouisQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOntLagIAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkvaHR0cHM6Ly90cnkubGVzbWlsbHNvbmRlbWFuZC5jb20vP2djbHNyYz1hdy5kcyaACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgED4g0TCIjpi4eut4IDFWWO0QQd7GoDFcITBhiF6LijAtgTDYgUAdAVAeIWAggBgBcBshcfCh0IABIUcHViLTc3NTM1MzcxNTcwNTU2MzEYkc-PAQ&sigh=bxH3aJfQUvE&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&vt=10&sdkv=h.3.600.0/vpaid_adapter&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwOTEzMzMyOTM1MjIMNjc4ODQyODY0NjM0QM4DUiMQDyUAAHBBKAE6CzRiTEJOcUFmcWVjQglnb29nbGVhZHNQABgB
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame F942
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lorf23x8&c=5015548753147&slotId=2507774376573.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com/
2 MB
0
Media
General
Full URL
https://rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com/videoplayback?expire=1699576902&ei=xgtNZciTBJuCy_sPypCT4AQ&ip=70.25.255.182&id=e1b2c136a01fa9e7&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=GJ&mm=31&mn=sn-cxaaj5o5q5-tt1y&ms=au&mv=u&mvi=3&pcm2cms=yes&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1698800938247226&mt=1699547241&cpn=CumI2nIwY3KS-4wp&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRAIgP9clVvKPmNUSsBGb4v5i8ZhxK3QeayyHxnuHfiABGXoCIAPM6q8PeMNf5tgPaTmQttY2OhRO5HP0kFt-W3XB3RFR&lsparams=mh,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AM8Gb2swRQIgVeb7TC6nHui7D5h1HPvlvzM0hRefRXnCYzLpMregGqQCIQDuid17_wGAbG-_9LAL6vRtjH8YkJEWWC4iFqr1M1Zhxg==
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:4958:300:4f2::e , Canada, ASN577 (BACOM, CA),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 09 Nov 2023 16:41:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Nov 2023 01:08:58 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3210459/3210460
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3210460
Expires
Thu, 09 Nov 2023 16:41:43 GMT
xuid
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0633bcd8-fc67-447d-af38-f03f3b151a77&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0633bcd8-fc67-447d-af38-f03f3b151a77&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=0633bcd8-fc67-447d-af38-f03f3b151a77&dongle=0cfd&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIpTKUVGf3oxyBGg5tbvpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIpTKUVGf3oxyBGg5tbvpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIpTKUVGf3oxyBGg5tbvpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B83
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjU3MjcwNTQxMjIwMjg3NDExNTE3NQ%3D%3D
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 4B83
0
366 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2572705412202874115175&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8A4043CEE3FE4CA2AFFAE94C3AE395D8 Ref B: YTO01EDGE0416 Ref C: 2023-11-09T16:41:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJuuDuN1IKHukODgYIIQ==
xuid
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2572705412202874115175?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-p2ORr_lE2oTWxRH7rdCWdE8MiYEhDBNLVshS9mQVPw--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-p2ORr_lE2oTWxRH7rdCWdE8MiYEhDBNLVshS9mQVPw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-p2ORr_lE2oTWxRH7rdCWdE8MiYEhDBNLVshS9mQVPw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2572705412202874115175&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=2afc7f67-f499-4f23-8453-7e553b2ee1ba&ssp=triplelift&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 09 Nov 2023 16:41:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 4B83
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
438534
expires
Thu, 09 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4B83
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8365386662731688929&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8365386662731688929&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
621e6c53-bbe8-49d7-a995-9e18fbc8b0d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8365386662731688929&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 4B83
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2572705412202874115175
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
a210d0e8-cdf5-4f93-89d4-72eeb1ad3da1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 27A5
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 27A5
42 B
805 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=4I-Za9TJ4uZNpfe_80rfxEkKgP2v2YnOgSyqDOg2Rug
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 27A5
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 27A5
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=onetag&uid=4I-Za9TJ4uZNpfe_80rfxEkKgP2v2YnOgSyqDOg2Rug
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82378138adbe36fa-YYZ
content-length
43
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame FDD0
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64416410&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
39d2a44841c560c3d725e832849e38af004a209ab021b070769ec5b26618dcbe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 6910
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AJ00WCEP6XY5PC8AZ3HW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6910
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0633bcd8-fc67-447d-af38-f03f3b151a77&expiration=1702140102&gdpr=0&gdpr_consent=
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0633bcd8-fc67-447d-af38-f03f3b151a77&expiration=1702140102&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkjSqIo3Wn3Ep6PCqSMRNtFhsTMk5A%2F%2BQvPAzzzBmSK2254l3A5MoQaWC0vsrfqB7uReyaVo1bEdK163cHPyF9hbDaY40guVCFL2RS9E52AaKygVSQNkRe29leGyJ5qkA2GmzBOnaRULFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237813979b636d4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0633bcd8-fc67-447d-af38-f03f3b151a77&expiration=1702140102&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 6910
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK5Q7gXSBim8ojGD7wnapys&google_cver=1
43 B
736 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK5Q7gXSBim8ojGD7wnapys&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv%2BOyDHlU3x%2FfgMS7jMvXJ9R3N8mwKqyA2XdQ8OMRunG22qvMPahD5nIuYcuDGA2Yc8o721aPodbcuGNAm82C3q7N7u2rDSByE%2BUwzAWpk2P9PznbC3SzAvR%2BAx0j12WPvF%2BuuZTkWO5cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237813969ae36d4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK5Q7gXSBim8ojGD7wnapys&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 6910
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=91d8a00c5ce6462d8c000695962c8d92
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
196929
expires
Thu, 09 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Thu, 09 Nov 2023 16:41:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
rum
dsum.casalemedia.com/ Frame 6910
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e8225a1b09410fc&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGtcNUQFpBiAMWowurAAAAAAA&expiration=1699634502&is_secure=true
43 B
517 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGtcNUQFpBiAMWowurAAAAAAA&expiration=1699634502&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgCy%2FHlmmwk2OkH1QjeC6tAhYsHfCyWyNyr90TroXFEGYBFxj0eb7TvzVk9GL7v6uazOBt2hAMBGwcVvG58PLerUWnXMYcYbf%2FZ7MUJ1hoby%2BjGs1Hc%2FpuQvttnE%2BQ3W%2BjK9oI5y"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237813aa9445431-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGtcNUQFpBiAMWowurAAAAAAA&expiration=1699634502&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6910
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a05:c4e3:8320:b906:8d19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 6910
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2513037740847063967
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2513037740847063967
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uystWt6bwJByesiQooF2EPFolo89QlS3%2Bx5KNxtSGFjCIed3otCDaYFrnEoOJENF2cuTC%2BGy%2BIjp9AlAWtbF95N8XT16w9oVL1waYkBCh889JU6SigmkK1KXS61zMb1nEhAqgzIGBZa9vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237813989d936d4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2513037740847063967
pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6910
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2623020820975271758
43 B
740 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2623020820975271758
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQIbw%2B4HwPL7CuzSL4ngtXAjtyDSS54e3RBRvqdKF5stlECBfH1j0fClF3eSNTW%2FMVMrFvcfDfCSrVnKKbD%2FE5pO69Ngs%2BBHujDm%2Bk5ONcSvVHWwO%2BhtmkUADdcEdiQeHMwy2vA42SJxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8237813979b836d4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2623020820975271758
Date
Thu, 09 Nov 2023 16:41:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
sync.quantumdex.io/ Frame 6910
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZU0LxIQ-p_0qjlW3xTznXgAABawAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781390e6a36fa-YYZ
content-length
43
content-type
image/gif
user-sync
sync.adkernel.com/ Frame F8CE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A907824279182366546
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=xapads&user_id=spxBppBCpb5ivp1qyXkO0
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
42 B
353 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Date
Thu, 09 Nov 2023 16:41:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212338249209002
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212338249209002
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212338249209002
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e&gdpr_consent=null&gdpr=0
0
330 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=20b3426f-0aa5-4ba1-a518-0bf4155ce72e&gdpr_consent=null&gdpr=0
date
Thu, 09 Nov 2023 16:41:43 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d327d386-5e40-46ca-898e-0a8d40b64ac6
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d327d386-5e40-46ca-898e-0a8d40b64ac6
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Thu, 09 Nov 2023 16:41:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=d327d386-5e40-46ca-898e-0a8d40b64ac6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
0
329 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=8d6b2298a721b6ca1f9c1eaca94dd528&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699548102588096-310
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Date
Thu, 09 Nov 2023 16:41:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=fdbde610-14c4-4eb2-9ed5-09e4990f6e69
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=fdbde610-14c4-4eb2-9ed5-09e4990f6e69
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-134
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=fdbde610-14c4-4eb2-9ed5-09e4990f6e69
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
apn
ads.playground.xyz/usersync/ Frame CBBB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
Image
General
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame CBBB
53 B
613 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 09 Nov 2023 16:41:42 GMT
cs
cs.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=ff06b7ad-b9e4-47bf-b825-73a856945536&gdpr=0
0
329 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=ff06b7ad-b9e4-47bf-b825-73a856945536&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=ff06b7ad-b9e4-47bf-b825-73a856945536&gdpr=0
date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame CBBB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8365386662731688929&gdpr=0&gdpr_consent=
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8365386662731688929&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
683ee417-fc76-4088-8663-5fc62ec41ea7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8365386662731688929&gdpr=0&gdpr_consent=
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame CBBB
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=9_rqzLtzkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823781394ed636fa-YYZ
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 2098
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 09 Nov 2023 16:41:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 764E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1699548102453.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55857
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP013
x-33x-status
40000000008200000A
setuid
u.4dex.io/ Frame ABB7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1699548102453.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=212338249209002
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=212338249209002
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=212338249209002
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame ABB7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=7af2fbb0-cbdc-4d5f-87a7-5370182b1bef&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame ABB7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8%7EA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8%7EA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IJHK_MJE2uF5EHvYfyW_7GRNwUMueef8%7EA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame ABB7
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=13fcc3e201d154c&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&expiration=1699634502&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGtcNUQFpBiQMvZ8jHAAAAAAA&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame ABB7
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2572705412202874115175
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2572705412202874115175&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2572705412202874115175&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2572705412202874115175&ts=1699548102&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B350
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55857
content-encoding
gzip
content-length
5636
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 10 Nov 2023 08:12:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame CF6A
3 KB
1 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
410198166cd4905ddfbe8b090c16e836864b0984f520755fd797921bbad42f01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1009
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 8F71
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:41:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 09 Nov 2023 16:41:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D98
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvmPwh1LTq7c50IuopGnRRFoztT5_KPVCueom9-VicBmCpI09zXiRB6AWu-agN9YH9IV7aVQSq60_o1czZkEM1YeXPXQg8hldro0E-3hnARPs4FsBchaPEhIvM&sig=Cg0ArKJSzI0EyaIVW0_6EAE&id=lidar2&mcvt=1041&p=0,0,90,728&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699548100491&rpt=1044&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 69FC
43 B
94 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A4725246502857968126
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
823781397f3036fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame 656C
43 B
94 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1495519988467371757
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82378139af9436fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
server
cloudflare
i.match
s.tribalfusion.com/z/ Frame C986
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
452 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8237813cab3836da-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8237813b385636da-YYZ
content-type
text/html
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
689
Pug
image2.pubmatic.com/AdServer/ Frame F87B
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda6fd0de5ce44fb5a1c37258e99bf261
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda6fd0de5ce44fb5a1c37258e99bf261
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda6fd0de5ce44fb5a1c37258e99bf261
pragma
no-cache
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame A822
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame C981
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:i2bMDCOzHBwHsbVY-aO-&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:303e804a-c1c3-4f97-abcf-bb9b472f6ca6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:303e804a-c1c3-4f97-abcf-bb9b472f6ca6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:43 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:303e804a-c1c3-4f97-abcf-bb9b472f6ca6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame F750
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=850249877883
42 B
289 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=850249877883
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=850249877883
Pug
simage2.pubmatic.com/AdServer/ Frame FE28
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
94 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 09 Nov 2023 16:41:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame 4414
43 B
313 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 58A4
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yQaVZ-o2CWyyfmRuxwtNZQ
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yQaVZ-o2CWyyfmRuxwtNZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 08:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=yQaVZ-o2CWyyfmRuxwtNZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame D509
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b409654d-0bc3-4900-a46b-45ca742dc72d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:56905816-2296-421c-bdf8-945f6a57ed71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:56905816-2296-421c-bdf8-945f6a57ed71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 09 Nov 2023 16:41:44 GMT
Keep-Alive
timeout=5, max=2999
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:56905816-2296-421c-bdf8-945f6a57ed71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
setuid
sync.quantumdex.io/ Frame B04F
43 B
94 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8237813a082936fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:42 GMT
server
cloudflare
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame FDD0
0
363 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.0.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-0-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
9b8cc1c9-9561-45ef-996d-51ac55bf88f4
Connection
keep-alive
Content-Length
0
x-application-context
application:production
458249.gif
idsync.rlcdn.com/ Frame FDD0
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=764bfae0860f484aebdf2b17318d1ec1b79c8ebff6e3f619205685e85ae368c5791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3NjRiZmFlMDg2MGY0ODRhZWJkZjJiMTczMThkMWVjMWI3OWM4ZWJmZjZlM2Y2MTkyMDU2ODVlODVhZTM2OGM1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3NjRiZmFlMDg2MGY0ODRhZWJkZjJiMTczMThkMWVjMWI3OWM4ZWJmZjZlM2Y2MTkyMDU2ODVlODVhZTM2OGM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIx5e0qgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=84187463-519e-4791-a3b8-fcd00d6b7bb1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=84187463-519e-4791-a3b8-fcd00d6b7bb1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 09 Nov 2023 16:41:43 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=84187463-519e-4791-a3b8-fcd00d6b7bb1
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=28C0E945-35F4-407E-84C4-B03C0320B0C6/gdpr=0/ Frame FDD0
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=28C0E945-35F4-407E-84C4-B03C0320B0C6/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.240.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-240-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.78
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FDD0
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame FDD0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b1d78ee9-0178-47b2-bb40-1af566d0ac6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b1d78ee9-0178-47b2-bb40-1af566d0ac6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b1d78ee9-0178-47b2-bb40-1af566d0ac6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 09 Nov 2023 16:41:44 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2997
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
user-sync
sync.adkernel.com/ Frame 7E34
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A3553369894007549913
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=xapads&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=xapads&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NDBhNTQxNGU5MjI0MWJmMQ&gdpr=&gdpr_consent=&us_privacy=&ssp=xapads&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
42 B
353 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=3&t=image&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
Date
Thu, 09 Nov 2023 16:41:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
lb.eu-1-id5-sync.com/lb/
33 B
279 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
4dab0f7e00dd4db90586247545ce90ae4729f1d94027fda1ba4d853c96ab3258
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
tap.php
pixel.rubiconproject.com/ Frame CF6A
42 B
805 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XwF37osLWRN28KlDZE-hH_hFhD_PsmNHqU2UqGQbICw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame CF6A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
date
Thu, 09 Nov 2023 16:41:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame CF6A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=dbonR-K7Z58xwq5EcR6S0
  • https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
0
340 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 09 Nov 2023 16:41:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame CF6A
0
320 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=XwF37osLWRN28KlDZE-hH_hFhD_PsmNHqU2UqGQbICw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2098
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa3cb2957b9d1c2b14e59e469424e4ebaa8f8cc5b49c309f2f01b7f9f56d941b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 07:57:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54960
Connection
keep-alive
Content-Length
13281
Expires
Fri, 10 Nov 2023 07:57:42 GMT
usync.js
eus.rubiconproject.com/ Frame 8F71
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa3cb2957b9d1c2b14e59e469424e4ebaa8f8cc5b49c309f2f01b7f9f56d941b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 07:57:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54960
Connection
keep-alive
Content-Length
13281
Expires
Fri, 10 Nov 2023 07:57:42 GMT
csi
csi.gstatic.com/ Frame 9CF4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lorf24k4&c=5015548753147&slotId=2507774376573.5&qqid=CIjbjIeut4IDFWWO0QQd7GoDFQ&gqid=xQtNZeSpMK3jxtYP_LCWqAk&fb=ima_html5-lima&sdkv=h.3.600.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.lorf24k5&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c10::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idl.js
assets.a-mo.net/js/ Frame A99A
3 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=securityaffairs.com&e=27&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
via
1.1 12aa3fefbdb5e80269e58f34f94a99e8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
596
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8237813afde7711a-YYZ
x-amz-cf-id
rMKucSOilaVCs_EebTvl6D07XUDGEZC0vGbb3IqpF-dslinAummVbw==
expires
Thu, 09 Nov 2023 17:41:42 GMT
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=788d08ca-a4be-40a6-a62a-6061d2bde9eb&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NzAxNTU3ZDVhMTYzMjFiOA&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=1---
0
137 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Thu, 09 Nov 2023 16:41:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame A99A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?&gdpr=0&us_privacy=1---&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A&gdpr=0
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A&gdpr=0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A&gdpr=0
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=amx_com&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
0
113 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=amx_com&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=amx_com&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
date
Thu, 9 Nov 2023 16:41:42 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=openx&uid=02f940df-3030-4866-a945-960ae0445c08
0
113 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=openx&uid=02f940df-3030-4866-a945-960ae0445c08
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=openx&uid=02f940df-3030-4866-a945-960ae0445c08
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=adform&uid=191916075475754370
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=adform&uid=191916075475754370
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=adform&uid=191916075475754370
date
Thu, 09 Nov 2023 16:41:43 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dsmartads...
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=smartadserver&uid=1652812984930789700
0
135 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=smartadserver&uid=1652812984930789700
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=smartadserver&uid=1652812984930789700
date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dpubmatic%26uid%3D28C0E945-35F4-407E-8...
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=pubmatic&uid=28C0E945-35F4-407E-84C4-B03C0320B0C6
date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=index_rtb&uid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=index_rtb&uid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBcwExURXglT5dgudbS20xosidR5IdkLr6ruQtpmYic%2FaCui1dS1URffIaI7qCorZZLZvfaa7FamqTCXCbAFicq81u3yul4lyBRxaWLzWgxmQTkAQd4%2FfEge0StUokelVYmYCLkG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=index_rtb&uid=ZU0LxIQ.p-0qjlW3xTznXgAA%261452
cache-control
no-cache
cf-ray
8237813b09fc5431-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Thu, 09 Nov 2023 16:41:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=sovrn&uid=HoNphPZHfo40qwB1T-6mCZeS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame A99A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D788d08ca-a4be-40a6-a62a-6061d2bde9eb%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=appnexus&uid=8365386662731688929
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=appnexus&uid=8365386662731688929
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
9ae01c89-3844-4f19-b829-554d547ada84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=788d08ca-a4be-40a6-a62a-6061d2bde9eb&bidder=appnexus&uid=8365386662731688929
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame A99A
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb&do=securityaffairs.com
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
an-x-request-uuid
b0169595-e266-4ed5-9de2-45cecbaefd66
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame A99A
0
249 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb&do=securityaffairs.com
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
content-length
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/ Frame A99A
86 B
707 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb&do=securityaffairs.com
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
khaos.json
token.rubiconproject.com/ Frame 2098
7 B
892 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LORF21YV-1G-7I30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D98
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8794491231109&version=m202309260101&ct=76&x=6&cor=13795544824782940000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=AzCq4HxraXhxUms5a0N1UGtFbWYzVk85S3FscnY3NWVLY0JSN0p5bUh5TzlzdHZaVFlqMmF3dTc2QzR1T0ltSUZqMUlYSWdFb3NYWitnV0hJZ052THBpamtxWUVWVFhFZ0J6SXo0bEUwL2t1L0JSL2dCd1pSeDRHV05oWWk3ZzZtTS9FTFJZVE5yNS9WVGV6Y1R1NGpxdFVhcTl4SlRkK2VkTWhkRmRzMGxIdzAwYnlVQWRFNndXOGUxRDdsWG1nMm5FTUd4eVFmbG5yVExrODRwTFZneXhnZWZoaGlyQmVVV3J3MXVKQkxrbjQrcHJpZHJOK0gweUtsVjkxcmg3blZvZEVJfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 09 Nov 2023 16:41:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
424937
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame ECD1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNCFSOMrGgvTeMufnHqw9ftxak07S7tsTaPScXTzbPFpSe_sFrFME3y-MaPTzyub-lsOLGqPyvlT1p69x3F9ihP4RpMmd8sOjuUfSRKXjlPQHeYNDi0YWUz_pzxXbqC5MArsF7Lmbsow&sig=Cg0ArKJSzPFNGmdzJ7-WEAE&id=lidar2&mcvt=1010&p=1110,436,1200,1164&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2122448310&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699548099791&rpt=2141&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b18e1253-524f-40c0-90a2-362b3d20d0a8
https://prebid.a-mo.net/ Frame A99A
180 B
0
Other
General
Full URL
blob:https://prebid.a-mo.net/b18e1253-524f-40c0-90a2-362b3d20d0a8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
544f1285bad8e5cb7a2821f58c41b0d70a9738a8621bbb70ed78fad192ab1413

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
180
Content-Type
khaos.json
token.rubiconproject.com/ Frame 8F71
7 B
892 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LORF21YV-1G-7I30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
match
events-ssc.33across.com/ Frame 2098
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LORF21YV-1G-7I30
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LORF21YV-1G-7I30
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LORF21YV-1G-7I30&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LORF21YV-1G-7I30&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:42 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LORF21YV-1G-7I30&ts=1699548103&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
fed
ups.analytics.yahoo.com/ups/58771/ Frame A99A
316 B
601 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=securityaffairs.com&e=27&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
17446543d91098da993ab366220b1ebf065184a12022764ed7dbeedf681190ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
cs
cs.yellowblue.io/ Frame 8F71
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LORF21YV-1G-7I30
  • https://cs.yellowblue.io/cs?aid=11590&id=LORF21YV-1G-7I30
0
326 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LORF21YV-1G-7I30
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.232.190.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-190-217.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LORF21YV-1G-7I30
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
696.json
id5-sync.com/g/v2/
598 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
2f9c29c2c137ab3bfa3d04931e44e87f5bf4c98915d4e1c61d4b1c44283082e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 09 Nov 2023 16:41:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
65 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CsQ91xQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAGgBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&sigh=STELCC7kMQ4&label=video_ad_loaded&sdkv=h.3.600.0/vpaid_adapter&vci=Co8BCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1IjEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 9CF4
0
0
Fetch
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CzfYzxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kuSBREIEhAFGA8w59P-gOqmsNnhAaAGVIAHsouisQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOntLagIAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkvaHR0cHM6Ly90cnkubGVzbWlsbHNvbmRlbWFuZC5jb20vP2djbHNyYz1hdy5kcyaACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgED4g0TCIjpi4eut4IDFWWO0QQd7GoDFcITBhiF6LijAtgTDYgUAdAVAeIWAggBgBcBshcfCh0IABIUcHViLTc3NTM1MzcxNTcwNTU2MzEYkc-PAQ&sigh=bxH3aJfQUvE&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&sdkv=h.3.600.0/vpaid_adapter
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 9CF4
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 14:09:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CF4
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.600.0%2Fvpaid_adapter&e=44752052%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=2007273437808333&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B26090200.308067092;dc_pre=CJr-gIiut4IDFSYPaAgdLT8PPw;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_e...
ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/ Frame 9CF4
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_pre=CJr-gIiut4IDFSYPaAgdLT8PPw;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_f...
42 B
119 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_pre=CJr-gIiut4IDFSYPaAgdLT8PPw;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=17574518252748544294;dc_av=66056;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1367557.1983527YOUTUBE/B26090200.308067092;dc_pre=CJr-gIiut4IDFSYPaAgdLT8PPw;dc_trk_aid=501035650;dc_trk_cid=154000640;ord=3086183529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=17574518252748544294;dc_av=66056;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
65 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 9CF4
42 B
66 B
Image
General
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=17574518252748544294&acvw=sv%3D958%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,706%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15023%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D0,0,0,6,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548103473%26pngs%3D9,14,15%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
65 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D958%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,706%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 9CF4
42 B
108 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D958%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,706%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15023%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26i0%3D33554706%26ic%3D0%26cs%3D33554706%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D0,0,0,6,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548103475%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame 9CF4
0
0
Image
General
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=CumI2nIwY3KS-4wp&docid=4bLBNqAfqec&referrer=https://securityaffairs.com/153882/security/sumo-logic-security-breach.html&visitordata=Cgs5N250c0szM3dhNA%3D%3D&of=2dVkz7e1rF9t_XNU6wGWIw
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::be Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
65 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=admute&ad_mt=0&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D958%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,706%26tos%3D0,0,0,17,0%26mtos%3D0,0,0,17,17%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame 9CF4
42 B
402 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D958%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,706%26tos%3D0,0,0,17,0%26mtos%3D0,0,0,17,17%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D17%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D17%26pst%3D-1%26dur%3D15023%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D17%26is%3D33554706%26i0%3D33554706%26ic%3D4096%26cs%3D33558802%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D0,0,0,6,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548103483%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,17;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame F8CE
43 B
94 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A907824279182366546
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8237813f89a936fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:43 GMT
server
cloudflare
216d6a89-bc9e-4be2-9128-9e8f6e4043b7
quantumsyndication.com/pixel/ Frame 9840
43 B
366 B
Image
General
Full URL
https://quantumsyndication.com/pixel/216d6a89-bc9e-4be2-9128-9e8f6e4043b7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG6E%2BHyaoxV%2BpeaaX8eQLy79iVcAVtKVJan3wcg%2BzlVoCMQJedmnb4oDhkhpeyxiQNF%2FdrKyuVwH%2B3hBlOKtxmwhoAvK3WKhHRSSFdnOhKhFfYqtkLFd9%2Fs1FPjjOp2beKNE0gy%2FR5ptXDcHMLVDIqBhwvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
8237813f9e8154a3-YYZ
content-length
43
bill
rtb-useast.rtbserve.io/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb-useast.rtbserve.io/bill?i=70atgBUHD3M_0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
win
rtb-useast.rtbserve.io/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb-useast.rtbserve.io/win?i=70atgBUHD3M_0&p=1699548098.184388&f=imp
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:43 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
win
win-rtb2-useast.xaprio.net/ Frame 9840
42 B
233 B
Image
General
Full URL
https://win-rtb2-useast.xaprio.net/win?i=tVG3zSBsQvY_0_0&f=IMP&ts=1699548098280
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2604:9e00:1:129::2:ae0 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:44 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
vwimp
rtb2-useast.xaprio.net/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb2-useast.xaprio.net/vwimp?i=tVG3zSBsQvY_0_0&s=0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:44 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
cc.jpeg
px.vliplatform.com/imp-v4/
0
500 B
Image
General
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBZeKZYPw-rPyq-PYyA-waww-rBqYqUPYUaTeRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRwNjxqfzxdrtbRhNAGZRlmNBAAbTUMRdzNcortg%20gxzlzktqdRrdzNRwkhNRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W6FiBLTJ43OcrUczzoo3wGPUfGMCPAbptcoiqN8MZZmXtepdN7XzkSgS%2BO03OF7swnip0qZxk4nWD4qrwwUZgjkWfSfNErObdt9sGtZg7Eo%2Bskjdr8b%2FQkNetVPttoefKEjh%2B2qLB9kLjBdBf5S4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237813f8d9e711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/vi-v4/
0
509 B
Image
General
Full URL
https://px.vliplatform.com/vi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMBTYetUA-rAUr-PKqw-wtAq-PrZZByZAAMPeRqeNlzqkzRznhtNhqorRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:43 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQhVrtdEr8d0BfEq2mAlW1qXp1MmWSqmzoFZO%2FBGbXIF%2BL6nC1wZNGyTPUKqiIt8TDld8w8Vo%2BxtpvZAdvmmQYRN9bfcRAaup3LYfqmnkP%2Fl%2BJIiCG%2F%2BMLMUYCqj4z%2FhdheKuszLoGxECV%2BQelHWLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237813f8da0711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 9534
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
181431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 14:17:52 GMT
expires
Wed, 06 Nov 2024 14:17:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 9534
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 08:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
114862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 08:47:21 GMT
setuid
sync.quantumdex.io/ Frame 7E34
43 B
118 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A3553369894007549913
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
823781422e1f36fa-YYZ
content-length
43
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:44 GMT
server
cloudflare
videoplayback
rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com/
895 KB
895 KB
Media
General
Full URL
https://rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com/videoplayback?expire=1699576902&ei=xgtNZciTBJuCy_sPypCT4AQ&ip=70.25.255.182&id=e1b2c136a01fa9e7&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=GJ&mm=31&mn=sn-cxaaj5o5q5-tt1y&ms=au&mv=u&mvi=3&pcm2cms=yes&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1698800938247226&mt=1699547241&cpn=CumI2nIwY3KS-4wp&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRAIgP9clVvKPmNUSsBGb4v5i8ZhxK3QeayyHxnuHfiABGXoCIAPM6q8PeMNf5tgPaTmQttY2OhRO5HP0kFt-W3XB3RFR&lsparams=mh,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AM8Gb2swRQIgVeb7TC6nHui7D5h1HPvlvzM0hRefRXnCYzLpMregGqQCIQDuid17_wGAbG-_9LAL6vRtjH8YkJEWWC4iFqr1M1Zhxg==
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4958:300:4f2::e , Canada, ASN577 (BACOM, CA),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
69fdaaef9c855b02043efbb6c0a319f612e2148944a78d744579bbb2a9647603
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range
bytes=2293760-

Response headers

client-protocol
quic
date
Thu, 09 Nov 2023 16:41:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Nov 2023 01:08:58 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 2293760-3210459/3210460
cache-control
private, max-age=28498
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
916700
expires
Thu, 09 Nov 2023 16:41:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 12AB
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42942643&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
87323633233b1c48ab3f665c024223c31c44e71a698ab2d495d7211051e76b3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 09 Nov 2023 16:41:42 GMT
content-length
1327
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 0CD4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005&rndcb=1573359014
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0b5b6b35040144cba5d04f524df09a01&ssp=adconductor&bsw_param=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/ce3988e6-521c-4e9a-88e5-bb39fb01da0b?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
42 B
333 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 09 Nov 2023 16:41:44 GMT
ETag
RX10ee9d11923d437482cba9de0ccf37c2005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
pub
matching.truffle.bid/sync/ Frame 1628
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 09 Nov 2023 16:41:44 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 11B9
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:44 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-1dab0ba128e8@version_1.575v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame C509
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7528345012076470423P
42 B
96 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7528345012076470423P
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=15049
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 09 Nov 2023 16:41:44 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7528345012076470423P
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 3AFD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B&gdpr=0&gdpr_consent=
1 B
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:41:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 09 Nov 2023 16:41:44 GMT
expires
Wed, 08 Nov 2023 16:41:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D49FE6139CB34124B84DD67D7B3FB79B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
u.4dex.io/ Frame 4A5E
0
15 B
Document
General
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 09 Nov 2023 16:41:44 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
/
bpi.rtactivate.com/tag/ Frame 12AB
43 B
110 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.145.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-145-176.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:44 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i6.liadm.com/s/ Frame 12AB
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:c919:35a9:9cba:2762 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:44 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=28C0E945-35F4-407E-84C4-B03C0320B0C6
Date
Thu, 09 Nov 2023 16:41:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame 12AB
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28C0E945-35F4-407E-84C4-B03C0320B0C6&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.240.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-240-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.60.217
content-length
49
expires
0
/
io.narrative.io/ Frame 12AB
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6
  • https://io.narrative.io/?io.narrative.guid.v2=ddf71cd1-7f1e-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6
0
247 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=ddf71cd1-7f1e-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
34.206.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-203-200.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:44 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=ddf71cd1-7f1e-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:28C0E945-35F4-407E-84C4-B03C0320B0C6
Date
Thu, 09 Nov 2023 16:41:44 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5A82
47 B
226 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71169747&p=157940&s=1059878&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 08 Nov 2023 20:11:08 GMT
content-length
47
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9534
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.600.0&bgai=BYiTLxQtNZcjkMeWcxtYP7NWNqAEAAAAAOAG6BRMIpKCLh663ggMVrbHRBB18mAWV&bg=!c3ClcD_NAAb4oU7C2KE7ADQBe5WfONQeIUzA_UOHqhF_B5T4L8E91IEBw6y0rAKAB-bV1QscKcnkUH1v_oX3m7IreiAxAgAAAIpSAAAAA2gBBwoBNybmTl64JO4mfrlYNBTIGAqS_TSUVvR00f06odvOaj6Ppu32RJgNxH8ccTy_wwu7KY7cDL0YkmIuEVxmJkhjFRPhyvmqNrfQ3SB7VWf2oz_ShhgxgKv9lm4a1l8rFpgzF4lnQSkJh3YqlpdifevPwiZFMi3wSwreLZsLUVjLmyb3ozBbVWzodhik-6_lhy5lNpMVJtRoP0yDIDo-TsJ8oJoPnvh6reIUpPBZK22eeF9upNXYoU55dtAhSfxGuxIHE3DRrP7LRsjKp8XKfcFfGUHIyz1Sqwya_avh1T8euwfgbsj9GPHp158b7zsMx1w6ZU4mTBYOjW2BxDD15_Nhiam6EY2vxwUXftboLpvG3BPllG1CrSHsK0c7CEVVpobKtCswmLg66cy2tZfX3JYxK51sJQyPxGobmQI3IeR8cqbxgtCWL0R3E4H-RiTLywo70QOl90ngC829ULxEcfeBFk4C0ccBjPXbCEDB8lcgPFD_3vDVQY5ueE0FNRK1Y0o9qFBeBbm5BvPfwQIqs180kjVibpcXoncD8_b565yWal8iEnQ8eldk5exjqM4pcsFJQtTXHY8YAqBh3mbQNc8sSVDAWXD99MviH3Io_aAmVVhajAspoEK3Kw-RF-o3slp_xKvuacnzb9xOJCcypXD-z0nY4iAsQ4U17nYSM-2mmY9O4qzZpkhjFH5xHugxa_301DqAEqH0sw23tSaDPDq8Swjm0xHzqkMxAURfz5yjjAJpauCuG8ycJXPPDSWDH3AV0VBOInA_jtG2kHEcIpep_vb3uoBMrCvkZ3XQ3K3oaWvzppIAnIxmFeJ3JPi9K4oKFhGOG-k02xQ-WDUO2MVd5d7EYYBveONmu16C9nMVdotT-WKdB7DQikhJrg-XzSTU6XxBjzC5hnl1MHpIldNETjfzHT5xVPdcqn9u77p53C3e5iEnXDTrL_JD-zj2AoMzYP5Xdbz1MmTfwi4nTXPDa-oE2wQ0qJ11-xLoHkY3wsaca5ACn1tTR9l2_VZWoARf-lfNVspWQPGPwS5YZFO8yzbCHHmqTk_82JzZ5-kFERh7eFD6JCT0XluFHsolzomm4boEQhLFw-72k470NKKWOi_zPdN8_jYW0MPkwAfoBwpKzqwyP5u8PlKGwrFWGDdjVFJK3h-9c7AIzUUKIaP4OCvO
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 08D3
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157940&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:35:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame FDD0
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?initSuccess=f&latency=5002&slotLoadingDone=f&gptCorrelatorRetrieved=t&gptStreamCorrelatorRetrieved=t&lid=184&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Fsecurityaffairs.com%2F&ref=https%3A%2F%2Fsecurityaffairs.com%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9840
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.600.0&e=44772139%2C44777649%2C44781409%2C44802172%2C44802463&id=ima_html5&c=1384225289980155&domain=securityaffairs.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 59C2
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=28C0E945-35F4-407E-84C4-B03C0320B0C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 09 Nov 2023 16:41:45 GMT
via
1.1 google
test_oracle
pd.sharethis.com/pd/ Frame 2763
438 B
675 B
Script
General
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.17.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-17-37.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
db2ee699f488654393683e9cbcbf61c2a67a4b4e6ddf3c7b5655912e9b9e8a1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
adnxs
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.sharethis.com/adnxs?uid=8365386662731688929&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/adnxs?uid=8365386662731688929&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:45 GMT
an-x-request-uuid
fe099ad3-2190-42d4-9383-48d59f46d49d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.sharethis.com/adnxs?uid=8365386662731688929&gdpr=0&gdpr_consent=
x-proxy-origin
70.25.255.182; 70.25.255.182; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame CC51
43 B
247 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=12608&puuid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&rand=1699548105819&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:45 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F204A1050F674250A4576194583C55A9 Ref B: YTO01EDGE0416 Ref C: 2023-11-09T16:41:45Z
linkedin-action
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
content-type
image/gif
x-li-proto
http/2
content-length
65
x-li-uuid
AAYJuuEhIubFZUhCCoYvkA==
receive
pixel.tapad.com/idsync/ex/ Frame CC51
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZHeACGVNC8AAAAAIDkNZAw%3D%3D
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3bb9e9c8-0485-4926-b486-156051b1d83a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=16812333711407351530746346095360530410&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=16812333711407351530746346095360530410&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-va6-2-v052-04a8e0522.edge-va6.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
q3L15vaCQ2g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=16812333711407351530746346095360530410&pt=3bb9e9c8-0485-4926-b486-156051b1d83a%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
roqad
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://ws.rqtrk.eu/pull?pid=2583191d-9d1a-483f-97ec-86ebd89e7576&tr=1&g=1&return-unstable=true&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.sharethis.com%2Froqad%3Fuid%3D%24BROWSER_ID%26gdpr%3...
  • https://sync.sharethis.com/roqad?uid=303d1f98-0dcb-49e6-9f43-501e10ec4783&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/roqad?uid=303d1f98-0dcb-49e6-9f43-501e10ec4783&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:46 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://sync.sharethis.com/roqad?uid=303d1f98-0dcb-49e6-9f43-501e10ec4783&gdpr=0&gdpr_consent=
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Thu, 09 Nov 2023 16:41:45 GMT
mw
mwzeom.zeotap.com/ Frame CC51
Redirect Chain
  • https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZHeACGVNC8AAAAAIDkNZAw%3D%3D
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0a8bdb63816d824d9240fe8dd61ce4fb&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ba5a21473cb5f55d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=27eb7581ee8f6765cddb0bd5d4f48ed8&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=0633bcd8-fc67-447d-af38-f03f3b151a77&icm&gdpr=0&gdpr_consent=&cver
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba5a21473cb5f55d
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc6ee32f649&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECjPUq0VNNyyjGI1A0-ZIY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc...
95 B
166 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECjPUq0VNNyyjGI1A0-ZIY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc6ee32f649&zcluid=ba5a21473cb5f55d&zdid=1332
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://t.sharethis.com
access-control-allow-credentials
true
cf-ray
823781567d77549d-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECjPUq0VNNyyjGI1A0-ZIY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac862f81-e5d4-4bdd-76ec-a05b151efce8&reqId=2ecc9376-4338-4f77-58eb-7cc6ee32f649&zcluid=ba5a21473cb5f55d&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 12AB
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bk-coretag.js
tags.bkrtx.com/js/ Frame 2763
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.86.160.58 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-160-58.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 09 Nov 2023 16:41:46 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
x-akamai-ew-subworker
8096267
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Thu, 16 Nov 2023 16:41:46 GMT
5386
tags.bluekai.com/site/ Frame 172B
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHeACGVNC8AAAAAIDkNZAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23364%26cid%3Dc010%26...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
62 B
307 B
Document
General
Full URL
https://tags.bluekai.com/site/5386?id=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.128.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-128-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Thu, 09 Nov 2023 16:41:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

content-length
221
date
Thu, 09 Nov 2023 16:41:46 GMT
location
https://tags.bluekai.com/site/5386?id=0633bcd8-fc67-447d-af38-f03f3b151a77&gdpr=0&gdpr_consent=
server
Kestrel
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
66 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=videoplaytime25&ad_mt=3911&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D958%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,3968,0%26mtos%3D0,0,0,3968,3968%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 9CF4
42 B
108 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D958%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,3968,0%26mtos%3D0,0,0,3968,3968%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3968%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1027%26pst%3D419%26dur%3D15023%26vmtime%3D3911%26dvs%3D0%26dfvs%3D0%26dvpt%3D3951%26is%3D33554706%26i0%3D33554706%26i1%3D33554706%26ic%3D0%26cs%3D33558802%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,3968,3968%26qnc%3D0.48%26qmv%3D0%26qnv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,26,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548107435%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3968;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vtrack
rtb2-useast.xaprio.net/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb2-useast.xaprio.net/vtrack?i=tVG3zSBsQvY_0_0&event=first_quartile
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:47 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
vast-track
rtb-useast.rtbserve.io/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb-useast.rtbserve.io/vast-track?i=70atgBUHD3M_0&ve=first_quartile
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:47 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
cc.jpeg
px.vliplatform.com/vi-v4/
0
498 B
Image
General
Full URL
https://px.vliplatform.com/vi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYZh-MBTYetUA-rAUr-PKqw-wtAq-PrZZByZAAMPeRqeNYZhRznhtNhqorRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:47 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxPjdnieXgxS2MW9jXAVNkYULVK3nCKNffYZ2ge3wtiLbXV0dwXmIBV5rXvULZc2OJWCpEH1iTYSpB5Il6dTMReM52h%2Bv1PXQsOUC8J0qXsFfjTGUaqX53SWhNx9iVFug5T1PJwGWH7dD9ydDTz1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82378157a820711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
67 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=video_skip_shown&ad_mt=5239&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
68 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=videoplaytime50&ad_mt=7630&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D958%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,7687,0%26mtos%3D0,0,0,7687,7687%26am...
ade.googlesyndication.com/ddm/activity_ext/ Frame 9CF4
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D958%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,7687,0%26mtos%3D0,0,0,7687,7687%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7687%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2031%26pst%3D419%26dur%3D15023%26vmtime%3D7630%26dvs%3D0%26dfvs%3D0%26dvpt%3D3719%26is%3D33554706%26i0%3D33554706%26i1%3D33554706%26i2%3D33554706%26ic%3D512%26cs%3D33559314%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,3719,3719%26qnc%3D0.48%26qmv%3D0%26qnv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D45%26emuc%3D0%26emb%3D0,0,0,44,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548111153%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7687;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vtrack
rtb2-useast.xaprio.net/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb2-useast.xaprio.net/vtrack?i=tVG3zSBsQvY_0_0&event=midpoint
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
vast-track
rtb-useast.rtbserve.io/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb-useast.rtbserve.io/vast-track?i=70atgBUHD3M_0&ve=midpoint
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
cc.jpeg
px.vliplatform.com/vi-v4/
0
496 B
Image
General
Full URL
https://px.vliplatform.com/vi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZAh-MBTYetUA-rAUr-PKqw-wtAq-PrZZByZAAMPeRqeNZAhRznhtNhqorRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:51 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBS7dNYESSpgug1KtsRF13WJPQueMUEuePfDXBrB%2B7cKP3HWQixzItqnaxtcxiwPP0FfgMoHe1Z1bww3HSJ8EHO6zd%2B2wRXr0T0a2CXUVsE9C9lIQ1MvHpZ4f9jMj6cbeuHiszqIg09CXO%2FqN6oS1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
8237816eeb93711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
dc_oe=ChMImZnOhq63ggMVyZSfCh0rRAbFEAAYACCZlK9cQhMIkJy5ha63ggMVYhyICR2plAtH;met=1;&timestamp=1699548111970;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5D98
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImZnOhq63ggMVyZSfCh0rRAbFEAAYACCZlK9cQhMIkJy5ha63ggMVYhyICR2plAtH;met=1;&timestamp=1699548111970;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame 9CF4
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CsQ91xQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5BXxxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7p...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5BXxxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAHABW6gBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIiNuMh663ggMVZY7RBB3sagMVEAEYASAAEgLFUPD_BwE&num=1&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&client=ca-video-pub-3990748024667386&ctype=110&label=video_10s_engaged_view&ad_mt=10021&nis=5&dblrd=1&sig=AOD64_1WVkLRJj0ipIBhI_i7m_aCo6B_Vg&adurl=https://ad.doubleclick.net/ddm/trackclk/N1367557.1983527YOUTUBE/B26090200.308067092%3Bdc_trk_aid%3D501035650%3Bdc_trk_cid%3D154000640%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
172.253.62.154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5BXxxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgS1BE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348lY4Zlu8a8cUVY40P_2TpPEfdRRu2dhV9aOZtjZvHgtFPEaOM1pYjyTXqN_3gbABP6nnJSvBOAEAYgFkOPt9kuSBQYIAxABGAGSBQYIAxACGAHABW6gBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSFodHRwczovL3RyeS5sZXNtaWxsc29uZGVtYW5kLmNvbS-xCUiVZZkYFHNGgAoDyAsB0AsO4AsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4NavxNHP8qhXEgIBA5oNAQ6qDQJDQcgNAeINEwiI6YuHrreCAxVljtEEHexqAxXYEw2IFAHQFQHiFgIIAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIiNuMh663ggMVZY7RBB3sagMVEAEYASAAEgLFUPD_BwE&num=1&cid=CAQSOwDICaaNFKgQksriMPTssNP884zl9tMNK-uU6f6vEnPsT_lQGDXZdsUSlDj7tSk-_Iv9waSwQsBp8F28GAE&client=ca-video-pub-3990748024667386&ctype=110&label=video_10s_engaged_view&ad_mt=10021&nis=5&dblrd=1&sig=AOD64_1WVkLRJj0ipIBhI_i7m_aCo6B_Vg&adurl=https://ad.doubleclick.net/ddm/trackclk/N1367557.1983527YOUTUBE/B26090200.308067092%3Bdc_trk_aid%3D501035650%3Bdc_trk_cid%3D154000640%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
www.youtube.com/api/stats/ Frame 9CF4
0
0
Image
General
Full URL
https://www.youtube.com/api/stats/watchtime?state=playing&st=0&et=10&rti=10&cmt=10&rt=10&rtn=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=CumI2nIwY3KS-4wp&docid=4bLBNqAfqec&referrer=https://securityaffairs.com/153882/security/sumo-logic-security-breach.html&visitordata=Cgs5N250c0szM3dhNA%3D%3D&of=2dVkz7e1rF9t_XNU6wGWIw
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::be Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

0633bcd8-fc67-447d-af38-f03f3b151a77
map.go.affec.tv/map/ttd/ Frame CC51
Redirect Chain
  • https://map.go.affec.tv/map/st/?pid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=
  • https://match.360yield.com/match?dsp_callback=1&publisher_dsp_id=440&external_user_id=654d0bd2bc6e410001a268b0&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%7BPUB_USER_ID%7D%3Fch%3D654d0bd2bc6e4100...
  • https://map.go.affec.tv/map/im/c4df7e7f-62c6-4761-bf16-33e03eb65218?ch=654d0bd2bc6e410001a268b1&chc=st&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D654d0bd2bc6e410001a268b1%26chc%3Dst%257Cim%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://map.go.affec.tv/map/an/8365386662731688929?ch=654d0bd2bc6e410001a268b1&chc=st%7Cim&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/0633bcd8-fc67-447d-af38-f03f3b151a77?ttd_puid=&gdpr=0&gdpr_consent=
0
656 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/0633bcd8-fc67-447d-af38-f03f3b151a77?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
44.197.9.244 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:54 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/0633bcd8-fc67-447d-af38-f03f3b151a77?ttd_puid=&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:41:54 GMT
server
Kestrel
content-length
229
3.gif
id5-sync.com/c/121/104/0/ Frame CC51
Redirect Chain
  • https://id5-sync.com/s/121/2.gif?puid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=1efed8752c7110fc&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAHavOPE-W9fANIrtQxAAAAAAA&expiration=1699634514&is_secure=true&gdpr_consent=&gdpr=0
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F104%2F0%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/121/104/0/3.gif?puid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://id5-sync.com/c/121/104/0/3.gif?puid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H2
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 09 Nov 2023 16:41:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/121/104/0/3.gif?puid=ce3988e6-521c-4e9a-88e5-bb39fb01da0b&gdpr=0&gdpr_consent=
Date
Thu, 09 Nov 2023 16:41:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame CC51
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=m4omg6v&t=gif&call=2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&bid=1e2n4ou
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:41:54 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=0633bcd8-fc67-447d-af38-f03f3b151a77&bid=1e2n4ou
date
Thu, 09 Nov 2023 16:41:54 GMT
server
Kestrel
content-length
191
img
api5137.d41.co/sync/ Frame CC51
43 B
770 B
Image
General
Full URL
https://api5137.d41.co/sync/img?req=api5137&cust=269&p1=ZHeACGVNC8AAAAAIDkNZAw%3D%3D
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.173.88 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Date
Thu, 09 Nov 2023 16:41:54 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000; includeSubDomains
Expect-CT
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=ISO-8859-1
access-control-allow-origin
https://t.sharethis.com
Cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
image.sbxx
global.ib-ibi.com/ Frame CC51
Redirect Chain
  • https://ib.mookie1.com/image.sbmx?go=304847&pid=583&xid=ZHeACGVNC8AAAAAIDkNZAw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&google_sc&pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw==
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw==&google_gid=CAESEHyvVtFj6FLkGKNZY22zCZw&google_cver=1
0
0

oracle
sync.sharethis.com/ Frame CC51
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHeACGVNC8AAAAAIDkNZAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=ABKWwytx99OhT6Nk&BK_SWAP_DEST=5957
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/oracle?uid=ABKWwytx99OhT6Nk&BK_SWAP_DEST=5957
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Server
18.118.57.12 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-57-12.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:41:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeACGVNC8AAAAAIDkNZAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=ABKWwytx99OhT6Nk&BK_SWAP_DEST=5957
date
Thu, 09 Nov 2023 16:41:53 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9CF4
42 B
69 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6V4hxQtNZcjkMeWcxtYP7NWNqAG3-PiHdMj3s5ndEZm_1YrrNhABIMW_4pkBYP3oooHwA6ABhei4owLIAQWpAoGfSU5Q56M-4AIAqAMBmAQAqgSyBE_QjkAZy7ytf9Q5m482_hKhuctlb7pdq69FwX2WkWt5XblURB_n7jTmhL7WTWlfGmI57Fd0uxBLfWIAefbsTPRks_iK616K5aI66jIUyd8c8EdLF9tRLfRWIjIzkFL-pLs6xMYrUFZVhOVkkD_toTN8xc2808c7rOBX9PSZe5mWj3YQ1UKTPBfali7tGUQS0cNUhnSwZmtz03FqWCYNqPLr09XMW4SAFQeR4aNo1yfC-5eJEAjkqRFT-Xp4tW-NUXOAKa-FxKUhk27pHrxLxMDVqIAK1gOW6gFBtkL2mdmuqxf5ZgM0BHMJfr-4oZ7oY3ju2SC7QBoGfSZavfIOnq_ypAPm55wcuINA8AB3IR3ZLBpr9NRuvv1FA9Azz6pHd8hD06-Ncw1hMtQ5cv0xQyLRtsGrJSivxEkbmigCgrLjiNiyHaiDmcVUXLI_lt0PjEQgsAGig0GkRl4BHk5pu-5H2pSOVhcF1v0nbZRShxsQ4BPmvVMQiIB76GgiPd7zOdZrUtWAQlsoQGYHqB4HVXqLUvRbQ9XjHSxz0G_mhu9TEZfVODR9Xe7T0ysiHnpHJBV9UT_x84-NuR6WvSk9cQXHd0XmXRB2P_CDRr2f8NJlaA3Jcw2Q2mEcsp4k6urmhNoNi6qawXH023rw-IIz8GTKnQpYiOKhv5LJmNpu2LlwQ9cDSNu348kA4AObYj1Kw_G0D9N7kb0ygs-jbDNFXT6ESMB-bJ825iymFuFxx5VUci7ABP6nnJSvBOAEAYgFkOPt9kugBlSAB7KLorEBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLaDBAKChDg1q_E0c_yqFcSAgEDqg0CQ0HiDRMIiOmLh663ggMVZY7RBB3sagMV2BMNiBQB0BUB4hYCCAH4FgGAFwE&sigh=ZuGT7mMRDgU&cmd=Ch1jYS12aWRlby1wdWItMzk5MDc0ODAyNDY2NzM4NhAAGAI&label=videoplaytime75&ad_mt=11349&sdkv=h.3.600.0/vpaid_adapter&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDkxMzMzMjkzNTIyDDY3ODg0Mjg2NDYzNEDOA1ImEA8lAACgQSgBOgs0YkxCTnFBZnFlY0IJZ29vZ2xlYWRzSIsJUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D958%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,11406,0%26mtos%3D0,0,0,11406,114...
ade.googlesyndication.com/ddm/activity_ext/ Frame 9CF4
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17574518252748544294;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D958%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1119,406,1287,705%26tos%3D0,0,0,11406,0%26mtos%3D0,0,0,11406,11406%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11406%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3033%26pst%3D419%26dur%3D15023%26vmtime%3D11348%26dvs%3D0%26dfvs%3D0%26dvpt%3D3719%26is%3D33554706%26i0%3D33554706%26i1%3D33554706%26i2%3D33554706%26i3%3D33554706%26ic%3D0%26cs%3D33559314%26c%3D0.48%26mc%3D0.48%26nc%3D0.48%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,3719,3719%26qnc%3D0.48%26qmv%3D0%26qnv%3D0%26lte%3D0.48%26ces%26femt%3D664%26femvt%3D0%26emc%3D64%26emuc%3D0%26emb%3D0,0,0,63,0%26avms%3Dexc%26qi%3D833541318%26psm%3D-2147479553%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1699548101469%26ptlt%3D1699548114872%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11406;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1699548102306?
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:41:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vtrack
rtb2-useast.xaprio.net/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb2-useast.xaprio.net/vtrack?i=tVG3zSBsQvY_0_0&event=third_quartile
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:54 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
vast-track
rtb-useast.rtbserve.io/ Frame 9840
42 B
233 B
Image
General
Full URL
https://rtb-useast.rtbserve.io/vast-track?i=70atgBUHD3M_0&ve=third_quartile
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.50 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:41:54 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
cc.jpeg
px.vliplatform.com/vi-v4/
0
503 B
Image
General
Full URL
https://px.vliplatform.com/vi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKZh-MBTYetUA-rAUr-PKqw-wtAq-PrZZByZAAMPeRqeNKZhRznhtNhqorRmNTAKUUKRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/153882/security/sumo-logic-security-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:41:54 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 16:41:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epjj3m0HqYm6E9%2B2uM0oZAMo4kIR8pwtnh8zky%2F6wR6erZ%2F1AmuEubaWwWdGQgc8mrRD96CfSJ7mptwvgqdTawGnzFWr%2BKwJ5tMUxxcYN0%2BxRriLxufzOA8aP2f23JFZIGQmBJfTf5Rlin8GIDQP%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
823781861853711a-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
URL
https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
Domain
sync.extend.tv
URL
https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEET66V58jcNuvxzQY0szsDY&google_cver=1&google_push=AXcoOmRdfmfWLkEoZO0BGJnOcl53xYG8X_kbMIjc6z7NgXUD82ENIouV0kkeGvxm_Nxty6W6d5l2wCdBI4Zqsk3-rtlGA9-_lttiTPtl
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/153882/security/sumo-logic-security-breach.html&tl=https://securityaffairs.com/153882/security/sumo-logic-security-breach.html&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAHZQXMKJNuCO8E97gUEaRg&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw&google_cver=1
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw==&google_gid=CAESEHyvVtFj6FLkGKNZY22zCZw&google_cver=1

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| documentPictureInPicture object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| gtag object| dataLayer object| vitag object| swv object| wpcf7 object| Main number| uidEvent object| bootstrap function| WOW function| moment object| local_data function| IsEmail function| commentliked function| commentdisliked object| _stq function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| wp object| twemoji function| getEidsByVLI object| gaplugins object| gaData object| $sf function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| googletag object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| observeElementInViewport object| apscustom object| Criteo object| sas object| apntag object| _ADAGIO object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| closure_lm_958568 object| closure_lm_490673 object| closure_lm_97061 object| closure_lm_901656

321 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQi_7Xp7sxCgoIkQIQi_7Xp7sxCgoItAIQi_7Xp7sxCgoI5gEQi_7Xp7sxCgoIhwIQi_7Xp7sxCgoItwIQi_7Xp7sxCgkIOhCL_tenuzEKCgiMAhCL_tenuzEKCQhfEIv-16e7MQoJCB8Qi_7Xp7sx
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARC6FgoJCP____8HEMQW
i6.liadm.com/s Name: _li_ss
Value: CgA
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.sharethis.com/ Name: __stid
Value: ZHeACGVNC8AAAAAIDkNZAw==
.sharethis.com/ Name: __stidv
Value: 2
.securityaffairs.com/ Name: fpestid
Value: HJjJsobIb-GR8IB9VEfk9v5Y28HsXr0_01jyK5vPaxvWip2QO2pwhZLRyxYOP8CLRWtbHg
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1699548097.1.0.1699548097.60.0.0
.securityaffairs.com/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1699548097.1.0.1699548097.0.0.0
securityaffairs.com/ Name: __ppIdCC
Value: aexuritywddwira_xon210..5489.7566
.securityaffairs.com/ Name: _ga
Value: GA1.2.96333411.1699548097
.securityaffairs.com/ Name: _gid
Value: GA1.2.1777139236.1699548098
.securityaffairs.com/ Name: _gat_gtag_UA_59069958_1
Value: 1
.securityaffairs.com/ Name: sharedid
Value: 3a7797ba-b46b-4569-a7e3-bfe306d04619
.securityaffairs.com/ Name: sharedid_cst
Value: zix7LPQsHA%3D%3D
.exelator.com/ Name: EE
Value: "0a8bdb63816d824d9240fe8dd61ce4fb"
.adsrvr.org/ Name: TDID
Value: 0633bcd8-fc67-447d-af38-f03f3b151a77
.ml314.com/ Name: pi
Value: 3639818809408749569
.yahoo.com/ Name: A3
Value: d=AQABBMILTWUCEEwPvSoA0M7Sqbu6KjxMuSAFEgEBAQFdTmVWZSXcxyMA_eMAAA&S=AQAAAkcYZS_Xh3aJokJGVrJ_iLc
.eyeota.net/ Name: mako_uid
Value: 18bb4f5ee36-7370000010a4c29
.eyeota.net/ Name: SERVERID
Value: 19497~DM
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEg0SIpJcnM2MLQLMXCyCTF0sjEIC3VIiXFzDA51SQtaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6ImfHxUUpaQyLSopPBR%252B9VQ0Av5grEQ%253D%253D"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 27eb7581ee8f6765cddb0bd5d4f48ed8
.prebid.a-mo.net/ Name: __amc
Value: 1_1699548098_1699548098
.a-mo.net/ Name: amuid2
Value: 788d08ca-a4be-40a6-a62a-6061d2bde9eb
.prebid.a-mo.net/ Name: sd_amuid2
Value: 788d08ca-a4be-40a6-a62a-6061d2bde9eb
.script.ac/ Name: __cf_bm
Value: R5ev.wQu5FoRjuoamqsAkuqCZgbq9Z7BupNqfLYPbOk-1699548098-0-AZlC+egxWxCHW7jw6NormmWrACmvmllrG3yK2JNj3EDcgpapuNGulBKX3v6th2CZqs0GH9P1iz/NYikGV2UAJt8=
.go.sonobi.com/ Name: _usd_securityaffairs.com
Value: eef28ff1-5fda-499f-9f9a-15042d4fe14b
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 27013297
.go.sonobi.com/ Name: __uir_tp
Value: 27013297
.go.sonobi.com/ Name: __uir_z1
Value: 27013297
.go.sonobi.com/ Name: __uir_a9
Value: 27013297
.go.sonobi.com/ Name: __uir_iq
Value: 27013297
.go.sonobi.com/ Name: __uir_i5
Value: 27013297
.go.sonobi.com/ Name: __uis
Value: fdbde610-14c4-4eb2-9ed5-09e4990f6e69
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 565875=5709161
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1307149725%3B%24ql%3DMedium%3B%24qpc%3Dh2y+2j7%3B%24qt%3D93_1012_37935t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 1652812984930789700
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1307149725%3B%24ql%3DMedium%3B%24qpc%3Dh2y+2j7%3B%24qt%3D93_1012_37935t%3B%24dma%3D0&c=1&l=2047448187&lo=1391639384&lt=638351448984427229&o=1
.quantumdex.io/ Name: uid
Value: 86f136f0-6441-4d19-8b33-e8edf6f4fd48
.mathtag.com/ Name: uuid
Value: b409654d-0bc3-4900-a46b-45ca742dc72d
.adnxs.com/ Name: uuid2
Value: 8365386662731688929
.amazon-adsystem.com/ Name: ad-id
Value: AxLbANknAknxsQQrOyEsk9c
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUldQ4-765H0Fw6gjglSRvPo10Nv4YJ0JAbs4FjBfmuHwniepAxWN60Y_b_vRH4
.bidswitch.net/ Name: tuuid
Value: ce3988e6-521c-4e9a-88e5-bb39fb01da0b
.bidswitch.net/ Name: c
Value: 1699548098
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 28C0E945-35F4-407E-84C4-B03C0320B0C6
.bidswitch.net/ Name: tuuid_lu
Value: 1699548099
.ads.stickyadstv.com/ Name: UID
Value: 8d6b2298a721b6ca1f9c1eaca94dd528
.3lift.com/ Name: tluid
Value: 2572705412202874115175
.zemanta.com/ Name: zuid
Value: i2bMDCOzHBwHsbVY-aO-
.mediago.io/ Name: __mguid_
Value: 4df39c491145063d28hxwf00lorf22bg
.simpli.fi/ Name: suid
Value: D49FE6139CB34124B84DD67D7B3FB79B
.smaato.net/ Name: SCM
Value: ee30eb1cd0
.smaato.net/ Name: SCMaps
Value: ee30eb1cd0
.bidr.io/ Name: bito
Value: AAEZk07KmhgAABRwTZiIEg
.bidr.io/ Name: bitoIsSecure
Value: ok
.rubiconproject.com/ Name: khaos
Value: LORF21YV-1G-7I30
.csync.loopme.me/ Name: viewer_token
Value: 20b3426f-0aa5-4ba1-a518-0bf4155ce72e
.lijit.com/ Name: ljt_reader
Value: HoNphPZHfo40qwB1T-6mCZeS
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECUymJQU746oAD7lmsrnmfA&KRTB&23025-CAESECUymJQU746oAD7lmsrnmfA&KRTB&23386-CAESECUymJQU746oAD7lmsrnmfA
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDcwMDc1N7O01FEysUTlG6FyLUxQ%2BYYGKApqAaBWEIM%3D
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D49FE6139CB34124B84DD67D7B3FB79B&KRTB&23486-uid:D49FE6139CB34124B84DD67D7B3FB79B&KRTB&23489-uid:D49FE6139CB34124B84DD67D7B3FB79B&KRTB&23539-uid:D49FE6139CB34124B84DD67D7B3FB79B
.tapad.com/ Name: TapAd_TS
Value: 1699548100019
.tapad.com/ Name: TapAd_DID
Value: 3bb9e9c8-0485-4926-b486-156051b1d83a
.lijit.com/ Name: _ljtrtb_2
Value: D49FE6139CB34124B84DD67D7B3FB79B
.securityaffairs.com/ Name: __gads
Value: ID=7fc7c527f6f73f5a:T=1699548099:RT=1699548099:S=ALNI_MbQKVUeM_WIewMOkuSKM4OO-l7Y5Q
.securityaffairs.com/ Name: __gpi
Value: UID=00000da0e7250dd6:T=1699548099:RT=1699548099:S=ALNI_Ma1bSb1DhDzosaA-wtSkvVS4mRaSQ
.lijit.com/ Name: _ljtrtb_80
Value: LORF21YV-1G-7I30
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: ff06b7ad-b9e4-47bf-b825-73a856945536
.sitescout.com/ Name: ssi
Value: 659807c6-3385-4ae0-bde3-4c7bffdfdb52#1699548100394
.inmobi.com/ Name: idsp_c
Value: c923b7c1-5f4c-4087-b860-b6f242b4217d
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0633bcd8-fc67-447d-af38-f03f3b151a77&KRTB&22918-0633bcd8-fc67-447d-af38-f03f3b151a77&KRTB&22926-0633bcd8-fc67-447d-af38-f03f3b151a77&KRTB&23031-0633bcd8-fc67-447d-af38-f03f3b151a77
.contextweb.com/ Name: V
Value: b8hXQzY7XWqJ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 24200e43479dd2c8
.openx.net/ Name: i
Value: e88bf049-2028-4478-981f-9ef70538ad78|1699548100
.linkedin.com/ Name: bcookie
Value: "v=2&a7e4e1bb-0903-42a8-8a31-430bddd29dde"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2883:u=1:x=1:i=1699548100:t=1699634500:v=2:sig=AQFFWU5XlJRSX1AYUo3tAuPv8sGqbqZp"
.mfadsrvr.com/ Name: c
Value: 1699548100
.mfadsrvr.com/ Name: tuuid_lu
Value: 1699548100
.mfadsrvr.com/ Name: tuuid
Value: d389a46b-20c1-48eb-a0d8-84e096eb65fb
.lijit.com/ Name: _ljtrtb_84
Value: c:dc7914dfee66b4b74964e8031de2b30d
.adform.net/ Name: uid
Value: 191916075475754370
.turn.com/ Name: uid
Value: 2513037740847063967
.ipredictive.com/ Name: cu
Value: 5e872b9c-c8d1-475f-a771-4666c6760cd7|1699548100521
.lijit.com/ Name: _ljtrtb_49
Value: b8hXQzY7XWqJ
.quantserve.com/ Name: mc
Value: 654d0bc4-89bef-26c08-d8a9b
.primis.tech/ Name: csuuid
Value: 654d0bc4a28d0
.doubleclick.net/ Name: APC
Value: AfxxVi6PM9Ut_kGfU37mDb2CSltGnCel67RvlYjeum9lNRmz_jQKNA
.casalemedia.com/ Name: CMID
Value: ZU0LxIQ.p-0qjlW3xTznXgAA
.casalemedia.com/ Name: CMPS
Value: 1452
.casalemedia.com/ Name: CMPRO
Value: 1452
.lijit.com/ Name: ljtrtb
Value: eJwVyjEOwjAMAMC%2FeKZSHFt23DGEIBASggHaNU0QK2sr%2Fk5YT7eBhxESWz4Iku0jMXqOgVMSTRopR7UIO2Drr4T3dFtnnZ6fc7fgul2u9%2Bxxfgx4HPRE7u%2FcfRnrooZcX62JFC7KJtyCI6zNF3IVvj9orx8E
.lijit.com/ Name: _ljtrtb_16
Value: 659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341
.360yield.com/ Name: tuuid
Value: c4df7e7f-62c6-4761-bf16-33e03eb65218
.360yield.com/ Name: tuuid_lu
Value: 1699548100
.lkqd.net/ Name: lkqdidts
Value: 1699548100
.lkqd.net/ Name: sr59
Value: 1|CAESENCb56pgQwZP4GpzQfxb6Ik|1699548100
.lkqd.net/ Name: lkqdid
Value: KvuRXhMZiYI
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: teeZip6z5J
.ctnsnet.com/ Name: gid_CAESELUsumNh8sslb66OeTGfStk
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1a12e5d5-61c9-5414-5cb6-a13d04d29207.ditSHiISdriTXQTKuFTfzGs10BPe%2FlZYKG7tUw23lcQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1a12e5d5-61c9-5414-5cb6-a13d04d29207.ditSHiISdriTXQTKuFTfzGs10BPe%2FlZYKG7tUw23lcQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGhLl1WHJVBRctqE9BNKSB0YZ_7Y.pabiKctIg7WmkayidhXOC7ssU7eccwjn1eJGcDwrzHo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGhLl1WHJVBRctqE9BNKSB0YZ_7Y.pabiKctIg7WmkayidhXOC7ssU7eccwjn1eJGcDwrzHo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIISBeW0fj2O_iLjjbRHIQ_bIYhljU16oQqMo7ZHCh_6uEHwYBCDFl7SqBjABOgRzygDyQgRFUu3s.euPIIlIXW4s9bNXGPrZQaYuU4FudRRKP%2BX7xXQPsY40
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIISBeW0fj2O_iLjjbRHIQ_bIYhljU16oQqMo7ZHCh_6uEHwYBCDFl7SqBjABOgRzygDyQgRFUu3s.euPIIlIXW4s9bNXGPrZQaYuU4FudRRKP%2BX7xXQPsY40
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIzMjYwMrAwMrA0NzUyNzQ3tRDiM9T1qsiqjHA1MkuJMMwFALBsGhslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIzMjYwMrAwMrA0NzUyNzQ3tRDiM9T1qsiqjHA1MkuJMMwFALBsGhslAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129cj3Nco2TS8qiAgxKiwydzP3iPDwjAQA-c-j0x4AAAA
.bidbrain.app/ Name: uid_cross
Value: dbfc3ca8-7f1e-11ee-a082-469ae9415b64
.bidbrain.app/ Name: sid_cross
Value: dacf7cce-7f1e-11ee-8487-7a08e934fe05
.owneriq.net/ Name: si
Value: Q7528345012076470423P
.owneriq.net/ Name: gguuid
Value: 1
.intentiq.com/ Name: intentIQCDate
Value: 1699548101402
.intentiq.com/ Name: IQMID
Value: 1176108982#1699548101405
.intentiq.com/ Name: ASDT
Value: 0
.33across.com/ Name: 33x_ps
Value: u%3D212338249209002%3As1%3D1699548101787%3Ats%3D1699548101787
.mfadsrvr.com/ Name: ssh
Value: !sonobi,1699548102!bidswitch,1699548100
.tynt.com/ Name: uid
Value: 4Qap4mVNC8bCgISUDt9KAw==
.smaato.net/ Name: SCMp
Value: ee30eb1cd0
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5OTU0ODEwMjI5MSwiNDgiOjE2OTk1NDgxMDA1MjUsIjM5IjoxNjk5NTQ4MTAwNTI1LCI3IjoxNjk5NTQ4MTAwNTI1fQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341&KRTB&23418-659807c6-3385-4ae0-bde3-4c7bffdfdb52-654d0bc4-4341
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2513037740847063967&KRTB&23150-2513037740847063967&KRTB&23527-2513037740847063967
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1699548102453%7D%5D
.go.sonobi.com/ Name: __uir_tl
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_tl
Value: 2572705412202874115175
.go.sonobi.com/ Name: HAPLB8G
Value: s85134|ZU0Ly
.go.sonobi.com/ Name: __uir_yh
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_yh
Value: y-uLpT6T9E2uFhHKp0Az5wFqDlaeuklmLsmLTpXCo-~A
.go.sonobi.com/ Name: __uir_eb
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_eb
Value: CAESEK0gF6-ESvPTPwzDehHfnpc||1
.go.sonobi.com/ Name: __uir_an
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_an
Value: 8365386662731688929
.go.sonobi.com/ Name: __uir_ox
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_ox
Value: 900a7312-587b-4c80-b9f1-5f394329dfc0
.go.sonobi.com/ Name: __uir_pp
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_pp
Value: b8hXQzY7XWqJ
.go.sonobi.com/ Name: __uir_td
Value: 116021244379017397
.go.sonobi.com/ Name: __uin_td
Value: 0633bcd8-fc67-447d-af38-f03f3b151a77
.adkernel.com/ Name: DSP2F_76
Value: 614719
.adkernel.com/ Name: DSP2F_3
Value: 645839
.yellowblue.io/ Name: wrvUserID
Value: 9_rqzLtzkp_s
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHkPcm_Xh5jgMBDNpJAAAAAAA&KRTB&22713-AAAHkPcm_Xh5jgMBDNpJAAAAAAA&KRTB&22715-AAAHkPcm_Xh5jgMBDNpJAAAAAAA&KRTB&23519-AAAHkPcm_Xh5jgMBDNpJAAAAAAA
.omnitagjs.com/ Name: ayl_visitor
Value: 6f7d3936a1bf4aa2a53306b303f7cfb0
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3b9956e3-687b-30c9-a1e9-82f1b29fa62f
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: dc6c0739-7917-5339-b4a9-2d75d1e426b3
.betweendigital.com/ Name: ss
Value: 1
.intentiq.com/ Name: IQSonobiCookieSync
Value: 1699548102493_-318533101_313
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1699548102493_0_313
.quantserve.com/ Name: d
Value: EMMBDgGxKoEO-TA
.mxptint.net/ Name: mxpim
Value: R33646_10BE2BB19_4AAC929F.1.0000000000000000654D0BC6
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2623020820975271758
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8365386662731688929&KRTB&23339-8365386662731688929
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_dcd1d6b1-7f1e-11ee-a786-125edd13ad3d
.kargo.com/ Name: ktcid
Value: 02f3fc38-5249-0344-5d45-5a75e160f779
.linkedin.com/ Name: li_sugr
Value: 382cecfe-b02f-43c3-b3ad-15c8f6af5a01
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7&KRTB&19420-vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7&KRTB&22979-vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7&KRTB&23403-vMQ4NrqTb2anyTUw75chYLySPGqnlTQzs5NBKEq7
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129cj3Nco2TS8qiAgxKiwydzP3iPDwjAziNTSztDQ1sTA0MDQ0NdzEiOAbmZgZvmJEkTf5hSxvamEOAHlx-IFdAAAA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-GhLl1WHJVBRctqE9BNKSB0YZ_7Y&KRTB&23334-GhLl1WHJVBRctqE9BNKSB0YZ_7Y&KRTB&23417-GhLl1WHJVBRctqE9BNKSB0YZ_7Y&KRTB&23426-GhLl1WHJVBRctqE9BNKSB0YZ_7Y
.onetag-sys.com/ Name: OTP
Value: 2DUaz3xpp2kaVpipJhKnoKI96rn2eu4G3sTX3GGJkDQ
.betweendigital.com/ Name: ut
Value: ZU0LxgAJN2C_Tc0hn3F8RRs99TiaRlDM9kWajA==
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZU0LxgAAAD32KAAj
.bfmio.com/ Name: __187_cid
Value: 28C0E945-35F4-407E-84C4-B03C0320B0C6
.bfmio.com/ Name: __io_cid
Value: b035fb7de6787f71a4d16d4981574d8c86dc738d
.adkernel.com/ Name: SSPZ
Value: 183045
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A6299686325479049988
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_10BE2BB19_4AAC929F&KRTB&23092-R33646_10BE2BB19_4AAC929F
.go.sonobi.com/ Name: __uir_zt
Value: 116021248673984694
.go.sonobi.com/ Name: __uin_zt
Value: 2623020820975271758
.dotomi.com/ Name: DotomiTest
Value: 13fcc3e201d154c
.adgrx.com/ Name: ADGRX_UID
Value: dce39620-7f1e-11ee-97d5-513f6ca673b5
.audrte.com/ Name: arcki2
Value: dd4BDJxkUf5RcqGch78Fy3Lhg!20220908!1699548102661!ip#70.25.255.182
.thrtle.com/ Name: mc
Value: eyJpZCI6IjRkNGQ3YjRkLTBhNDQtNDU1NS1iMjI5LTM5ODUyZTBiNzdjZCIsImwiOjE2OTk1NDgxMDI3MDgsInQiOjF9
.rlcdn.com/ Name: pxrc
Value: CMKXtKoGEgUI6AcQABIFCOhHEAQSBQjbThAA
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdjhFZERoIzEwMTM5XzAmVHY4RWRaRQ
.intentiq.com/ Name: IQPData
Value: 1176108982#1699548102740#0#1699548101363
.ctnsnet.com/ Name: cid
Value: 8d17ddff635d45eea67ec525aa3a2203
.w55c.net/ Name: wfivefivec
Value: n0gkqEed1R186a5
.deepintent.com/ Name: CDIUSER
Value: di_bf19b4b662464003b6b1d
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:i2bMDCOzHBwHsbVY-aO-&KRTB&23513-uid:i2bMDCOzHBwHsbVY-aO-&KRTB&23537-uid:i2bMDCOzHBwHsbVY-aO-
.go.sonobi.com/ Name: __uir_st
Value: 116021248673984694
.go.sonobi.com/ Name: __uin_st
Value: GhLl1WHJVBRctqE9BNKSB0YZ_7Y
.w55c.net/ Name: matchpubmatic
Value: 5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 2afc7f67-f499-4f23-8453-7e553b2ee1ba
.liadm.com/ Name: lidid
Value: 91d8a00c-5ce6-462d-8c00-0695962c8d92
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b409654d-0bc3-4900-a46b-45ca742dc72d
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-dce39620-7f1e-11ee-97d5-513f6ca673b5&KRTB&23275-dce39620-7f1e-11ee-97d5-513f6ca673b5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-191916075475754370&KRTB&23263-191916075475754370&KRTB&23481-191916075475754370
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-552da1a9-f27d-4896-b9db-1e4281b89c01&KRTB&23340-552da1a9-f27d-4896-b9db-1e4281b89c01&KRTB&23498-552da1a9-f27d-4896-b9db-1e4281b89c01
.technoratimedia.com/ Name: tads_uidp_37
Value: 272cfe97-38e8-37b3-a164-c8fdd5fcf916
.technoratimedia.com/ Name: tads_uidp_44
Value: LOQA1EZQ-1M-5WYQ
.technoratimedia.com/ Name: tads_uidp_46
Value: 3723494638085938754
.technoratimedia.com/ Name: tads_uidp_49
Value: AAABoi4qecnhDANtoLryAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: addaf2b0-cfd0-4cd0-9d0d-7700895c7dcd
.technoratimedia.com/ Name: tads_uidp_61
Value: 212337434014848
.technoratimedia.com/ Name: tads_uidp_62
Value: 3424598990898495000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: PB2tuugsopROZ51ZjDrezcL4h3IB9qAk
.technoratimedia.com/ Name: tads_uidp_7
Value: 7c5602c0-d8f3-45d2-a519-3de1bcae868a
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEZk07KmhgAABRwTZiIEg
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-fd1b0721-55c4-4ac1-931e-65425c98c5da-005
.technoratimedia.com/ Name: tads_uidp_77
Value: JQwXs9h6Cvf-e07M4nx7fqbt0DqkdVxGCgVDAV1fKPI
.technoratimedia.com/ Name: tads_uidp_79
Value: a08635ca-1803-45fa-a831-052c3dd6a706
.technoratimedia.com/ Name: tads_uidp_82
Value: ZUuHJZmop2i5byFnRUXtxwAA&1374
.technoratimedia.com/ Name: tads_uidp_88
Value: 1041123035450482666784
.technoratimedia.com/ Name: tads_uid
Value: 79B60678331B4F84BD85BCDBABF994F6
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231108130338+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.media.net/ Name: visitor-id
Value: 3425497020898259000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.analytics.yahoo.com/ Name: IDSYNC
Value: "19b8~2eyg:194o~2eyg:18z8~2eyg:1991~2eyg:190u~2eyg:196y~2eyg"
.adnxs.com/ Name: anj
Value: dTM7k!M40*h.v04ghqdmU(5<UwNR3l!]tb+.CK$wNl!cK9]@9C=BNW7fRdi`420@LC1`qakOjFftM`/w/X+aH66s8TaE]B#h(OuZ=QKvXR!y]wg^<OX=g$CE#hgqO+3?@^)`q$B3y7E]3xJ5Hj7mgp='BiV<5Win4h'gV5+CuF=NO16<`Z8iNs_bH[-kX-$Al4K
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPUkYyMVlWLTFHLTdJMzAiLCJleHBpcmVzIjoiMjAyNC0wMi0wN1QxNjo0MTozOVoifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMjU3MjcwNTQxMjIwMjg3NDExNTE3NSIsImV4cGlyZXMiOiIyMDI0LTAyLTA3VDE2OjQxOjQyWiJ9LCJhbXgiOnsidWlkIjoiNzg4ZDA4Y2EtYTRiZS00MGE2LWE2MmEtNjA2MWQyYmRlOWViIiwiZXhwaXJlcyI6IjIwMjQtMDItMDdUMTY6NDE6NDJaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTEtMDlUMTY6NDE6MzlaIn0=
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:n0gkqEed1R186a5&KRTB&23421-uid:n0gkqEed1R186a5
.a-mx.com/ Name: amdt_t
Value: p::1699548102904
.a-mx.com/ Name: amuid2
Value: 788d08ca-a4be-40a6-a62a-6061d2bde9eb
beacon.lynx.cognitivlabs.com/ Name: ss
Value: IVMvvRJiKoI0OHyJPD5xahy2Q4FG2%2FLfupoRtgOtRAwtJi6kjWw%2BbRY6%2FlcEDmTboFdLKrkSq95XwJaxgDE4hTFZfvP%2F%2BUf3%2BsAk7z7BsGM%3D
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: dd4BDJxkUf5RcqGch78Fy3Lhg!20220908!1699548102971
.acuityplatform.com/ Name: auid
Value: 850249877883
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRW0eYAqUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVtHmAKlI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.server.cpmstar.com/ Name: USER_ID
Value: u%ba%27G%e2%bbg%9f1%c2%aeDq%1e%92
.pippio.com/ Name: did
Value: ty0Y5PM18cSrpIvL
.pippio.com/ Name: didts
Value: 1699548103
.pippio.com/ Name: nnls
Value:
.bluekai.com/ Name: bku
Value: rlQ991znEVDZwTxd
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.pswec.com/ Name: tuuid
Value: 7af2fbb0-cbdc-4d5f-87a7-5370182b1bef
.pswec.com/ Name: c
Value: 1699548103
.pswec.com/ Name: tuuid_lu
Value: 1699548103
.demdex.net/ Name: demdex
Value: 16812333711407351530746346095360530410
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-850249877883&KRTB&23428-850249877883
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzg4ZDA4Y2EtYTRiZS00MGE2LWE2MmEtNjA2MWQyYmRlOWViIiwiZXhwaXJlcyI6IjIwMjMtMTEtMjNUMTY6NDE6NDMuMTMyNzg5NzU4WiJ9fX0=
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 116021248673984694
.go.sonobi.com/ Name: __uin_bw
Value: ce3988e6-521c-4e9a-88e5-bb39fb01da0b
.creativecdn.com/ Name: u
Value: cf34NU9bylU0hAu57blx
.creativecdn.com/ Name: ts
Value: 1699548103
.rubiconproject.com/ Name: audit
Value: 1|8M7dxRucFzwT9KPBNPRyp3COm+Krcfv9CwI92SdLZv7JSfr/nykDTr7uBDyoP26bf7jyxquirCowHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpbsg4/KyY3J0rWfQ1d/IJouO7WIBt2SuNV4AHjU+6dNJTXBTRQobtr3UaeFogT4mdvU4xABbUGAXZ8EO4F9qUwzm4wOMibjQpVNUCHxzoKWM
.tribalfusion.com/ Name: ANON_ID
Value: ayntXLRwEfES2QVoq6vnQ8600k7hbvXLZbTvkYpW7Yi4FfJj3fjBVSl16fUYYt2nqGdSxVZac3LBZcE3H0109RHQk92DHFE
.dpm.demdex.net/ Name: dpm
Value: 16812333711407351530746346095360530410
.serverbid.com/ Name: CONSUMABLEID
Value: b8141636e4114df0941636e4115df024
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nwb|4is.0.CAESEODZ_DFzMf4_k5zDtj1wVMw|7LJ.0.0ae73278-118f-48e2-a540-04f48fc05f21|7dN.0.AAEZk07KmhgAABRwTZiIEg|7dW.0.1
.go.sonobi.com/ Name: __uir_co
Value: 116021248673984694
.go.sonobi.com/ Name: __uin_co
Value: bbed91187039492fad91187039692fcc
.audrte.com/ Name: arcki2_adform
Value: 191916075475754370!20220908!1699548103233
.pippio.com/ Name: pxrc
Value: CMeXtKoGEgQIAhAAEgYI7OsBEAA=
.smartadserver.com/ Name: csync
Value: 117:6f7d3936a1bf4aa2a53306b303f7cfb0|127:AAEZk07KmhgAABRwTZiIEg|141:dd4BDJxkUf5RcqGch78Fy3Lhg
.adx.opera.com/ Name: UID
Value: OPUda6fd0de5ce44fb5a1c37258e99bf261
sync-dmp.mobtrakk.com/ Name: pid
Value: NDBhNTQxNGU5MjI0MWJmMQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEZk07KmhgAABRwTZiIEg
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUda6fd0de5ce44fb5a1c37258e99bf261&KRTB&23485-OPUda6fd0de5ce44fb5a1c37258e99bf261&KRTB&23524-OPUda6fd0de5ce44fb5a1c37258e99bf261
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.audrte.com/ Name: arcki2_smart
Value: 1652812984930789700!20220908!1699548103435
.id5-sync.com/ Name: id5
Value: 0f5c8eff-6298-701e-a11c-d50a84f842a3#1699548102782#3
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6Ijc4OGQwOGNhLWE0YmUtNDBhNi1hNjJhLTYwNjFkMmJkZTllYiIsImV4cGlyZXMiOiIyMDIzLTExLTIzVDE2OjQxOjQzLjUwNTMyMDA3MloifSwicnViaWNvbiI6eyJ1aWQiOiJMT1JGMjFZVi0xRy03STMwIiwiZXhwaXJlcyI6IjIwMjMtMTEtMjNUMTY6NDE6NDMuMjM5NDg1Nzk3WiJ9fX0=
.go.sonobi.com/ Name: __uir_rh
Value: 116021248673984694
.go.sonobi.com/ Name: __uin_rh
Value: cf34NU9bylU0hAu57blx
.linksynergy.com/ Name: rmuid
Value: 84187463-519e-4791-a3b8-fcd00d6b7bb1
.linksynergy.com/ Name: icts
Value: 2023-11-09T16:41:43Z
.rlcdn.com/ Name: rlas3
Value: KxPNjVgceNSJKNMJnyQrGzPUqjLJnhZ3JT44KOXUs5M=
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.securityaffairs.com/ Name: cto_bundle
Value: Yz9tQl9CV2IlMkJkYUtBYVcxc293Wmp3c1Jub3Jwa3F1dTRoV2t3JTJGOTlzeUJKVk5Ld3lIWm1Zeng4Z0E5N3ROZXhQNGxEcVJxdzJYdktPSUZ0RTFhdVBPVzNtY0xTJTJGakNjTnByNmFXWlNJTCUyQm1TVURTMlhTQTM2MnFEVXFGVTF6cDVYbW9W
.securityaffairs.com/ Name: cto_bidid
Value: IJIrk19TNzRqRWhDcEdqQUglMkZoSnRtY0pjTUJ6WklpUlZFJTJGTFZ4JTJCeDVqaFREWnJvNjc5UGlkVnlGc0lZZjZTbXUxT0FoV0wyS3pIRzllZjRFOTdBaXVFRFZuQSUzRCUzRA
.c.appier.net/ Name: _auid
Value: yQaVZ-o2CWyyfmRuxwtNZQ
.pubmatic.com/ Name: DPSync3
Value: 1700524800%3A257%7C1699574400%3A255_248%7C1700697600%3A262_261_258_236_245_259_260_201_263_256%7C1700092800%3A253_252_265
.pubmatic.com/ Name: SyncRTB3
Value: 1700697600%3A204_233_165_54_196_56_243_104_22_55_5_234_214_264_71_13_178_231_240_21_8_7_166_99_250_3_81_238_96_249_176_46_48_220%7C1700352000%3A63%7C1700784000%3A35%7C1704672000%3A69%7C1702080000%3A224%7C1700092800%3A223_15_38_2
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-yQaVZ-o2CWyyfmRuxwtNZQ
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 16
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbXByb3ZlZGlnaXRhbCI6IjIwMjMtMTEtMDlUMTY6NDE6MzguMzU5MDM5ODNaIiwib25ldGFnIjoiMjAyMy0xMS0wOVQxNjo0MTozOC4zNTkwMzY2NTdaIiwicnViaWNvbiI6IjIwMjMtMTEtMDlUMTY6NDE6MzguMzU5MDM1MjM5WiIsInVucnVseSI6IjIwMjMtMTEtMDlUMTY6NDE6MzguMzU5MDYyODRaIn0sInVpZHMiOnsiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMzM4MjQ5MjA5MDAyIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDhUMTY6NDE6NDIuNjc3Mjc4ODU4WiJ9LCJhZGFnaW8iOnsidWlkIjoiNmJlM2I5NzktOGQ0Yi00ZWJhLTlhNzgtMDIwZDJmOTM5NDk5IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDhUMTY6NDE6MzguMzU3MjYyMDk3WiJ9LCJvbmV0YWciOnsidWlkIjoidlMxVXJrbFhxbWpUcmthb0ZrN2UzVTFsMWkxSDFmVUtxMERUQ2pMdlZyZyIsImV4cGlyZXMiOiIyMDI0LTAxLTA4VDE2OjQxOjM5LjY3MzAxOTMyOFoifSwicHVibWF0aWMiOnsidWlkIjoiMjhDMEU5NDUtMzVGNC00MDdFLTg0QzQtQjAzQzAzMjBCMEM2IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDhUMTY6NDE6NDQuMTUyMjkwMTc4WiJ9LCJydWJpY29uIjp7InVpZCI6IkxPUkYyMVlWLTFHLTdJMzAiLCJleHBpcmVzIjoiMjAyNC0wMS0wOFQxNjo0MTo0MC42Njk1MzA4MTdaIn0sInVucnVseSI6eyJ1aWQiOiJSWC0xMGVlOWQxMS05MjNkLTQzNzQtODJjYi1hOWRlMGNjZjM3YzItMDA1IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDhUMTY6NDE6NDEuODY3MDAxODg5WiJ9fSwiYmRheSI6IjIwMjMtMTEtMDlUMTY6NDE6MzguMzU3MTY3NTIyWiJ9
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1699569704224
io.narrative.io/ Name: io.narrative.guid.v2
Value: ddf71cd1-7f1e-11ee-9828-02e4221a2b5f
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.admixer.net/ Name: am-uid
Value: 0b5b6b35040144cba5d04f524df09a01
.adsby.bidtheatre.com/ Name: __kuid
Value: b1d78ee9-0178-47b2-bb40-1af566d0ac6e.468762104
.gumgum.com/ Name: vst
Value: u_cc95bf89-ecab-4cac-b993-eaf62f7cb946
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005&KRTB&17107-RX-10ee9d11-923d-4374-82cb-a9de0ccf37c2-005
.pubmatic.com/ Name: PugT
Value: 1699548104
.semasio.net/ Name: SEUNCY
Value: 91136523C92BA8FE
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231109%22%2C%22147%22%3A%2220231109%22%7D
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_12_1699548097809
.id5-sync.com/ Name: 3pi
Value: 112#1699548105312#790130358#91136523C92BA8FE|434#1699548102982#-318533101|2#1699548104249#1178586468#8365386662731688929|1221#1699548105869#1406817421|264#1699548103973#1858076544#0633bcd8-fc67-447d-af38-f03f3b151a77|441#1699548104832#580254833#u_cc95bf89-ecab-4cac-b993-eaf62f7cb946|987#1699548105593#1027388664|155#1699548105869#-756898543#AAEZk07KmhgAABRwTZiIEg|108#1699548103324#1592581842|429#1699548103669#1341679413#28C0E945-35F4-407E-84C4-B03C0320B0C6
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7528-2!7528-3!7528
.rqtrk.eu/ Name: browser_id
Value: 1:303d1f98-0dcb-49e6-9f43-501e10ec4783
.pubmatic.com/ Name: SPugT
Value: 1699548106
.onaudience.com/ Name: cookie
Value: ba5a21473cb5f55d
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjY9paAmdOwPBAFEhQKBXRhcGFkEgsIvq-e_5jTsDwQBRIWCgdzdng5dDUwEgsIqLSslJnTsDwQBRIVCgZjYXNhbGUSCwi6waSVmdOwPBAFEhYKB2JsdWVrYWkSCwi6_6a_mdOwPBAFGAEgAigCMgsI7qW26a_TsDwQBTgBWgd4a3N3OWxhYAI.
.zeotap.com/ Name: zc
Value: ac862f81-e5d4-4bdd-76ec-a05b151efce8
.zeotap.com/ Name: zsc
Value: %00F%E8%08F%13%C5%7D%B27%9BXP%D2%B2%27%8EHG%EB%9B%25%E7%99R%AC%14%1A%10v%10%DD1uK%DE%97%C1%40%95%D9D%A5%83%8FAE%A9%BB%EC%7D%9E%C8%21%AA%97%1B%84%0A%B4%0F%DD%0FT%3EE~rh%25y%7B%E3.4%3C%FF%03%82%C6%02%7D%F6

70 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1699548097&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F153882%2Fsecurity%2Fsumo-logic-security-breach.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699548097146&bpp=6&bdt=1046&idt=560&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5015548753147&frm=20&pv=2&ga_vid=96333411.1699548097&ga_sid=1699548098&ga_hid=274754688&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079347%2C44807460%2C31078297%2C44808149&oid=2&pvsid=3334696842036870&tmod=263354514&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=597
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2028C0E945-35F4-407E-84C4-B03C0320B0C6&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEET66V58jcNuvxzQY0szsDY&google_cver=1&google_push=AXcoOmRdfmfWLkEoZO0BGJnOcl53xYG8X_kbMIjc6z7NgXUD82ENIouV0kkeGvxm_Nxty6W6d5l2wCdBI4Zqsk3-rtlGA9-_lttiTPtl
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5e872b9c-c8d1-475f-a771-4666c6760cd7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://t.sharethis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hde.tynt.com').
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=191916075475754370
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.quantumdex.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://t.sharethis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hde.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.quantumdex.io').
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=0ae73278-118f-48e2-a540-04f48fc05f21
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=securityaffairs.com&e=27&uid=788d08ca-a4be-40a6-a62a-6061d2bde9eb(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
network error URL: https://rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com/videoplayback?expire=1699576902&ei=xgtNZciTBJuCy_sPypCT4AQ&ip=70.25.255.182&id=e1b2c136a01fa9e7&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=GJ&mm=31&mn=sn-cxaaj5o5q5-tt1y&ms=au&mv=u&mvi=3&pcm2cms=yes&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1698800938247226&mt=1699547241&cpn=CumI2nIwY3KS-4wp&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRAIgP9clVvKPmNUSsBGb4v5i8ZhxK3QeayyHxnuHfiABGXoCIAPM6q8PeMNf5tgPaTmQttY2OhRO5HP0kFt-W3XB3RFR&lsparams=mh,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AM8Gb2swRQIgVeb7TC6nHui7D5h1HPvlvzM0hRefRXnCYzLpMregGqQCIQDuid17_wGAbG-_9LAL6vRtjH8YkJEWWC4iFqr1M1Zhxg==
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://securityaffairs.com').
network error URL: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAHZQXMKJNuCO8E97gUEaRg&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-f8c3yLvpA2FuuEx_-q0UfYwgYQtx59QRr7lSXdJfdw&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&xid=ZHeACGVNC8AAAAAIDkNZAw==&google_gid=CAESEHyvVtFj6FLkGKNZY22zCZw&google_cver=1
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
amazon-tam-match.dotomi.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api5137.d41.co
assets.a-mo.net
assets.vlitag.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
buttons-config.sharethis.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cdn.jsdelivr.net
cdn.rtbrain.app
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.krushmedia.com
cs.lkqd.net
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
d.turn.com
de.tynt.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
global.ib-ibi.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hde.tynt.com
i.clean.gg
i.liadm.com
i0.wp.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inmobi-match.dotomi.com
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
ius.ctnsnet.com
l.sharethis.com
lb.eu-1-id5-sync.com
live.primis.tech
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
ml314.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
pbc.vliplatform.com
pd.sharethis.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg-apac.smartadserver.com
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
px.vliplatform.com
quantumsyndication.com
rr3---sn-cxaaj5o5q5-tt1y.googlevideo.com
rtb-csync.smartadserver.com
rtb-useast.rtbserve.io
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.xaprio.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
securityaffairs.com
server.cpmstar.com
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st.pubmatic.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.sharethis.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pswec.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.rd.linksynergy.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
use.typekit.net
useast.quantumdex.io
visitor.omnitagjs.com
win-rtb2-useast.xaprio.net
ws.rqtrk.eu
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
x.videobyte.com
343818ca31dd20503f47479d5f833ed4.safeframe.googlesyndication.com
ad.mrtnsvr.com
ads.avct.cloud
cs.krushmedia.com
global.ib-ibi.com
id.a-mx.com
match.bnmla.com
ssl-market-east.smrtb.com
sync.extend.tv
uipglob.semasio.net
103.132.192.30
104.18.36.155
104.36.115.111
104.86.160.58
107.178.254.65
131.153.203.243
141.94.170.77
141.95.98.64
142.251.163.149
142.251.167.155
147.75.195.77
15.235.42.102
151.101.66.49
159.89.246.130
162.19.138.120
162.248.18.37
172.104.64.149
172.253.122.155
172.253.62.154
172.253.63.155
173.231.178.82
174.137.133.32
18.118.57.12
18.160.10.20
18.165.83.61
18.165.97.179
18.207.95.25
18.232.190.217
18.67.65.120
18.67.67.228
18.67.76.44
185.167.164.39
185.184.8.90
188.166.17.21
192.0.76.3
192.0.77.2
195.5.165.20
198.134.116.50
198.148.27.131
199.127.204.142
199.38.167.131
20.253.86.149
2001:4860:4802:38::181
2001:4958:300:4f2::e
207.198.113.90
213.19.162.80
216.200.232.249
216.219.92.22
216.22.16.32
23.105.12.137
23.105.12.171
23.197.184.187
23.205.2.235
23.220.128.241
23.235.251.211
23.34.59.37
23.41.168.23
23.41.170.143
23.61.60.237
23.88.86.2
2600:1402:b800:40::1730:a2d0
2600:1f18:4e9:5a05:c4e3:8320:b906:8d19
2600:1f18:ed:550f:c919:35a9:9cba:2762
2600:9000:201e:6400:1a:5235:f980:93a1
2600:9000:2269:2e00:1b:6b7d:2300:93a1
2600:9000:2305:d000:1b:5138:8a40:93a1
2600:9000:250b:8800:c:abe:f440:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2604:9e00:1:129::2:a01
2604:9e00:1:129::2:ae0
2606:4700:10::6816:1857
2606:4700:10::ac43:15e3
2606:4700:10::ac43:2ac9
2606:4700:20::681a:2be
2606:4700:20::681a:784
2606:4700:20::681a:8a9
2606:4700:3031::ac43:8cd3
2606:4700:3037::ac43:9e3b
2606:4700:4400::ac40:994e
2606:4700::6812:1791
2606:4700::6812:18ad
2606:4700::6813:9e13
2606:ae80:1451:12::1720
2607:f8b0:4002:c10::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c09::be
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1f::94
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a04:4e42:200::485
3.128.142.77
3.132.17.37
3.16.110.141
3.214.77.105
3.224.166.52
3.225.218.10
3.248.0.36
34.102.253.54
34.111.113.62
34.117.239.71
34.117.77.79
34.149.135.28
34.149.40.38
34.195.47.71
34.206.203.200
34.229.3.43
34.232.28.168
34.95.69.49
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.194.66.159
35.207.24.140
35.208.249.213
35.211.178.172
35.214.188.71
35.227.252.103
35.71.131.137
37.157.2.228
38.98.69.175
40.76.134.238
44.195.240.36
44.197.9.244
44.199.53.197
44.207.33.114
5.161.195.128
50.31.142.191
51.222.239.232
52.203.145.176
52.223.22.214
52.45.175.185
52.46.130.91
52.5.49.117
52.50.95.14
52.55.144.0
52.70.253.77
52.86.178.195
54.158.207.29
54.158.26.120
54.160.63.89
54.164.94.122
54.204.132.40
54.210.173.88
54.82.239.169
54.88.158.25
63.251.28.134
63.251.86.49
63.251.86.51
67.202.105.24
67.202.105.31
67.202.105.33
67.220.224.150
68.67.160.114
69.166.1.35
69.166.1.9
69.173.151.100
69.173.151.96
69.20.43.192
69.90.254.78
70.42.32.255
74.119.119.139
74.119.119.150
8.18.47.7
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.28.7.95
8.39.36.141
8.43.72.98
80.77.87.166
82.145.213.8
96.46.186.57
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06432bf630b7801817ab09d5e1b106111033b8986a40fcf27451fad5485a3454
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bae02d2b0add5833b0cd28f589ecfd23ea57a3b7c5c910d4173f0c9240a7265
0bdf3a60999ce2927ed5543844f805be077b9e5285426af28b6870a9dc05d6de
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e1904a5c113e2e62a825a41dfb4db12044eb516125b76729479b952c0117aea
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10c837a7157c185d7edcf294f90f2fb1e2a905630acc4862e6aed332599f3266
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
17446543d91098da993ab366220b1ebf065184a12022764ed7dbeedf681190ed
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d7f9289b9e9b768f4add47941d29f127d5e3343774de111f7e68a9af81e33f2
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef
1e5bc4f463c4912130df98b2da27b5bcc9354266bb244f1dd1e14ecba6fd4061
1fdcf21a67dced7ef7487458ac3c2e43361f52074b73d0170de7b33e96d0aa2b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba59ceff66dd9e45fda6233fdd69da752c08275a7bba5e5c6beaa66d08dee7c
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2dc3df8900b7793112daec5f9e53fc7b1a54574586b195e6174682bb35d8b8bb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f44455777d48423bc31aeda7cdc83ce970f82fbce9614a591376cf14c7a560c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9c29c2c137ab3bfa3d04931e44e87f5bf4c98915d4e1c61d4b1c44283082e8
30becf1c6bffbd9ea5c90f47c264b8df81a160a5714d5221785dd18d968bf98d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
342ae8a889cbe13cded2bda31d216e6d0dcdf6ca24ba61ad2336163a12514389
352b9369c700ae587aad2c081336efc0c7db3953b649ec45b33c9b51ee338f7c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
399ef26c01aec105e836a6d797d372f5b13cb8ba4a1977459f8a8b8116db799e
39d2a44841c560c3d725e832849e38af004a209ab021b070769ec5b26618dcbe
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d9347073466eb1f2160421a0b775742abef5b7910208a2cd25e5ca26251fd0b
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f961ecb2eec971a2b316b2d6e5dc0d3d27a409eb4c6d20ade44bd903d4f5de0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410198166cd4905ddfbe8b090c16e836864b0984f520755fd797921bbad42f01
418b6fddf3d52d2f1ee1daeb643a78726ee69420bd18c478d9361457e29b3497
418cdd4ae88557c45df3fa520f11fac7d91e1ee7d111ad47fff8c2d97d33954b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436463dbbd471e6aae3cc0faf1b1598e276a77c83f6e5fd862a716dd16bf4451
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46953a7dde3d51f0c0ef4e8288d0b577a3ce63dc155808ce9291f2157fe5f725
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4adb52deb89fb76426cdcee5e9bb016b5f6b6b0d415c9bb32084fb1b460f9302
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4c2dc1863b5ed1146f85d081f02c14d6cd96eae58470f8e98286734d34f67564
4dab0f7e00dd4db90586247545ce90ae4729f1d94027fda1ba4d853c96ab3258
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
54328a37847f1728addd7b88ac447f87744d7c39b16c018d92558385ab5ae31d
544f1285bad8e5cb7a2821f58c41b0d70a9738a8621bbb70ed78fad192ab1413
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b94dcf559ae6da241255092aa5ddae9936c295f97935efa2578f7483b7fa9c
56c4c5df468d2efd2d4fba25d35569e9ecc1bd620fdfe8038f3b28a5935efa46
5811e8e1b9b091f195bd403e254472cdd8450036946db8bce22b341aed0548cd
584f59e5cda07a596ee486d8681e3262e50032716714cfc722feace664a9e0f9
58681421a17125b5a0c3c78602010948a98931e33eeb0c7926987fe0fdc5403d
5a3fc99122cb63982a6984bd9c54bf015319eb54b046c7c13ae7f10fb856bb5c
5c364884e4f1d29b983e0eaa250ea2f9bc04cb973d2fa20fc5dfb62e443f184b
5f2fe09f3f40e8331e6d9c88cd25eef49a4aa94b2ec5dec4ac5893560dddc1ce
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64ac99bf449022f3c4df96d5205e4a48e44dd0ef483c70b087da40b8d1ba62b8
65defb5ca1039cb180b3ccc0b52e5c89b918b2944d44a3de3a21698e5733abf5
65f1cb67c7dfc1d8273284b05040e330efa7769fd6bbcfd5e6c076ef52e7b53d
660a4487fa1d78de19f0bee407053480abd7b8a113f4bb19f3a08d07b68a1290
68454b324cafc601e82a8a42fa2a946886690be81d0cf2de83612a7f6b376ad8
690131a53fe7ed758cd7d75ead271ff28e6aada69c9d4c5a471ffd61f68c81c4
69024c46d5c8b012a8a8dfb35945a33747ac54b12d49f531cd2d52a7025a7a77
690ea7cdc7a9970cb68aea03232c0a041c628925476db63e5b47065eca357d67
696e31294b42e06bb6fc2d954667a3c21f9d4ae37b0f5a898244850fd5ca8eb4
69fdaaef9c855b02043efbb6c0a319f612e2148944a78d744579bbb2a9647603
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c517fbeac139a592d9570abd8861f583fdadecd5bb0e776483ecdf1f599e9e4
6df687eb3c87cc8b5709a60c000210162205f02fd66f2e7a1c8a49dd010d027e
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
6e94d2459be6f951472bf793630073b785731963f0800d67c030f090ba325fe8
72269179054713bca7440d30772cd7a60a1ccd3abb7f275f6c05754e871cb910
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d
7399f89c622cbbf5435feb7628b6844df4fcb4764811155c2c5f049e3bd0d42d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77ab31299e91c452d66639dbb4ce1586efba5c64c16919d899f5b28b238bcb2b
77eea9d378711b5834e14117743befec7a3ac6e02781b9aaf7504a48fd6baccf
783f35c2b1ac01b2a32a98a360841cee70c76ec86c47f22c6d5fdcaa360ef440
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1
7d566d8859292199d29f9369e2ac1409a3f2b098c4819ecac9b237418273ac9f
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
82cda9d375de393cf6138b163a72943151eacac23c7dec144c9e659472bba4bd
833fe9fd73ea9b06362c91484d862f54fd1fba084c65e6a11b09e5a09ce5cf00
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab
85b00ceb0b495b030fef19b9ef1513d31e6d1bf2f976c32426359cd64d754338
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
87323633233b1c48ab3f665c024223c31c44e71a698ab2d495d7211051e76b3b
87d810140b99372801b4a71071289e95c75433620f5882bcd81851224f5d2352
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8b0d0135637376ad2cb59f12e5ee238dd63ba326e2f40e4779323c3e88564d5b
8b9608536b37a41bc7773906811ba161c2aebc1c2bc849799b62d3fd15e6fc1f
8d03b926e6376a02553663daec84f0e32811039be2f53bc98fb3de2808956c18
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fde66dbe5ddd90a43eba6c1133cf2056c30639b34a3d776ea13fc43654b63e7
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
90eb8bf0ddf7035f99dd4c35ed97ba872953b6db7445d71d830b2e0e7d68c4fa
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
96338f8cff2f2ae8149b47e3ca60afe09128fa9b26a6b14086121b68eed99b69
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9bf4c2f132831a2ee01658fad9341c06e92b4eb125d781954786b29020b4a3d1
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f4280619cb5108d780ea03968dfac3e1936c51ea7622bb3195b0b74b4a00924
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a6b5a3208f1504b0e433d87316889116b58a7336d8198afe8268e1073b93d7a6
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a919afbda7418ab769dda61db145f212a10da1e93c74270349e1df910734b322
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abd3e064745c2ecc9525abbf9e9ab144f82c2e52220c6d79dfea4703de18a51a
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae5cc7d03d9191695f4a4f61d52b54f268725064072406312852bfdf66c743ba
aed64c99467b367b7e7b94255cfb72a051620288966bc22030cd6133f45e5060
afc754208eeb712d84ac4bd5b32c23883381af41af813e070c44c10a04866b0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8095a837fae56876f0f9996bf69fa68537720ba8aa863d7c9aec3e3def04008
b8dab6497c8b15214b042ad2ca73c722079a9e1f189966b3467c7ed674331638
b9f9670c6bf7b7fbe0f66392e0c168ab44a84b797b473aceab575eceb3e19a70
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca29c281587b553a19f8e2c476d7fb0ef4efa0371660ec11e547235eeecf382
bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
bfc6883863d1d8dc27b491556f0f91df31da6a3f86fa1d9d8dc8686e067bd8a0
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cde3f48a75106d9686698a27d3eca6389f4c42e14973866c72c474c1a36264f0
ce797a4fa7542525b4f22a542a94d7eb34d6e483d4925d683aa90e2cabd0c288
cf2812e71d94ebe7a39509f430096991e93451ae72d204a125de77d308221533
d0596452f678cd025457ff1d25f79daaef983441162f3564a4abade6a6bf86f9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d188d819ad4f088a4ee6a98034deb638afdb1cbd32c590ba60ffacbd3f1c9da4
d377ddcb6d483cada1ee215c88a7ed50c7c05c397fe139a0240877d824585006
d55f290c51141beafffca305a9d92c7274f03b39d22b32445a18f120a1308623
d76154a54df9f1093c675efd448ba0c9ee749a6971beab0ea419a167334dc3b0
d78a05eb991d8d3d61d46ea6963ee77552ef44ed135262e1eb676dc5619311f2
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d917a8df274a8599c85eba9fe3c6fe6b12f605508794d7c84cea85d188a680ca
db2ee699f488654393683e9cbcbf61c2a67a4b4e6ddf3c7b5655912e9b9e8a1f
dd0b04fadc7385e858f26ef0a2149a548f4cb1b48238f822118663acd49f1055
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3984198eb73078bb727320b1363493cdc3c1a74c10162e8182b344c5181ae0
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
decdfcecd30a92a186ef7c5701587da8cf3bf4764de4beea552f9d721ae73e50
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d26b2ecd5a5cc9d8341346e8bdb99029af0ddff03835f7f4c710c8a48263d5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e57d6b6a8ffe3fe418542e6723bfa1180e3cfd54329b786a311bfedd16cfe27f
e70a17d0da7ef3999edc32462c33b4b9791d4fd8095c2add91a48ef6b2731888
e7ebfe979a1dafb0e13d32a6f9b1edc7a4739f393a66b63eb381a09109fc4373
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b
ed6e5a75a8532a78b171f718a5ac9865f5b3ba77b7fdac801d5bbd271e0c215c
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f16f39da331cdf153d6c09ea0518b8f586634c6f14ee0f70c6bf54e52253c5c9
f215026833db985bfc1c8636bcc253367c0f47ef67c432afd25079e104f8855e
f36324ad58ad455cb3b2ed61e5e7326afb3de6988fe5c592ded25598f13405a2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f558a9a6eeef180607677837bb37b6fbc068d907b89e35f694665e96eb816c81
f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7f37861208dfcec291389fb8864c588fbc3d4a309e534cbb3e7bc163110b70a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa3cb2957b9d1c2b14e59e469424e4ebaa8f8cc5b49c309f2f01b7f9f56d941b
fbb7c5a656d9f3abc2189c0bc346a69c5312670d7eb8a05021202ed7916a6825
fca22f2104f9fd007825c9c852814c8b66e55e85a7d6da32dcbb7510bc03770a
fd70e84ff15443ff09ae6f5ac8c8e3784bffa7d9288081fa4f4fafe2ccdf90f6
ff6c951b426718f17c6853c05a995e3a6968831eedf7b88f1bd484e62cf62e00