securityaffairs.com Open in urlscan Pro
172.67.140.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Submission: On April 05 via api (April 5th 2023, 1:44:50 pm UTC) from TR — Scanned from DE

Summary HTTP 217 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 30 domains to perform 217 HTTP transactions. The main IP is 172.67.140.211, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 805544.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	172.67.140.211 172.67.140.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
10	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	13.32.99.51 13.32.99.51	16509 (AMAZON-02) (AMAZON-02)
6	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
11	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.66.97.22 18.66.97.22	16509 (AMAZON-02) (AMAZON-02)
1	3.122.91.229 3.122.91.229	16509 (AMAZON-02) (AMAZON-02)
10	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
18	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.250.110.157 142.250.110.157	15169 (GOOGLE) (GOOGLE)
13	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
32	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 6	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 27	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 3	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.158.223.140 64.158.223.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	18.197.15.234 18.197.15.234	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
217	26

42 172.67.140.211 (United States)

ASN13335 (CLOUDFLARENET, US)

securityaffairs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-22.fra56.r.cloudfront.net

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.91.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-91-229.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.68 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.158.49 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.181 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.15.234 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-15-234.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	545 KB
46	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	231 KB
42	securityaffairs.com securityaffairs.com — Cisco Umbrella Rank: 805544	2 MB
22	gstatic.com fonts.gstatic.com www.gstatic.com	322 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	282 KB
10	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4000 adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	8 KB
8	wp.com i0.wp.com — Cisco Umbrella Rank: 3491 stats.wp.com — Cisco Umbrella Rank: 2973 pixel.wp.com — Cisco Umbrella Rank: 2697	324 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	292 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 830	3 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	919 B
4	google.de www.google.de — Cisco Umbrella Rank: 5216 adservice.google.de — Cisco Umbrella Rank: 7832	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	1 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	919 B
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 804	2 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	2 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4943 buttons-config.sharethis.com — Cisco Umbrella Rank: 6484 l.sharethis.com — Cisco Umbrella Rank: 5236	46 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	207 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1512	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 37864	611 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 712	465 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	339 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	556 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1557	350 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	337 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284	256 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2020	1 KB
217	30

	Domain	Requested by
42	securityaffairs.com	securityaffairs.com
32	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
27	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	securityaffairs.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	www.gstatic.com	googleads.g.doubleclick.net
11	www.googletagmanager.com	securityaffairs.com www.googletagmanager.com
10	fonts.gstatic.com	fonts.googleapis.com
10	fonts.googleapis.com	securityaffairs.com googleads.g.doubleclick.net
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	i0.wp.com	securityaffairs.com
4	pm.w55c.net	4 redirects
4	sync.teads.tv	2 redirects
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	d5p.de17a.com	3 redirects
3	um.simpli.fi	3 redirects
3	sync.mathtag.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	securityaffairs.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel.wp.com	securityaffairs.com
1	secure.gravatar.com	securityaffairs.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.com
1	platform-api.sharethis.com	securityaffairs.com
217	41

This site contains links to these domains. Also see Links.

Domain
www.resecurity.com
i0.wp.com
docs.google.com
twitter.com
www.facebook.com
infosec.exchange
www.linkedin.com
securityaffairs.co
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
*.securityaffairs.com GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Frame ID: 2BEF44E53701BC9CDDF45F800D9E2B08
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20190131/zrt_lookup.html
Frame ID: F27A2C55E6A40B3F9C27410A9748CA21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1680702285&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702284847&bpp=6&bdt=609&idt=696&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6741870590067&frm=20&pv=2&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=743
Frame ID: D21D96880E6E6BD171D6AC04232FBABD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8
Frame ID: F80D6798BA30E142EADEC6D02567062B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30
Frame ID: 1033D41983D8045C23D45CCCDBC6812E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=wOhEMITCKm&p=https%3A//securityaffairs.com&dtd=35
Frame ID: 0AEEA76C894E582A44D1631890B9EE09
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
Frame ID: DF6720C538B4640D2C4E8828FA7B0459
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1
Frame ID: 084C33F86AAEC522866E06242E41F7CE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1
Frame ID: 884C8DCCF45B78E2B46E6428ABBA5608
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 14364C09B4CFEC26A4D6DC3965A4EA8C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06FADA5C3F0776CD0032C2BDFC2C05FF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48F4675E150FF2FC17342FF1D7A80C86
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 96B239DF18718BCF0D72929B14175D61
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: CE2D8682D16C8BECAB81B08812115D53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 98BFC001D65E23CDC98DA1F18609B182
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CA62C2FBC272B8A91220F53D7BA178CE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 02E98EA8C20978066C65603B7B87AA7C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91950CB9627B30D7F7B1F5E9C5E612CE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 728231153148193B58AB9C62C5199033
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7F363AA013D8FAACBE60212764520DFA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: DA10447D6E800F09B401562C28AFB5B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 1A8BCA29A04EC477C27A1DAADEE6071E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 403B646F1FFCC49BADA6F0EA79102A92
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28D409A2958EB98ED83EC007F8B2596F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EADB91F3B7D9A00433725470BD89D5F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STYX Marketplace emerged in Dark Web focused on Financial FraudSecurity Affairs

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

217
Requests

89 %
HTTPS

0 %
IPv6

30
Domains

41
Subdomains

26
IPs

6
Countries

3777 kB
Transfer

7177 kB
Size

26
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.resecurity.com/blog/article/styx-marketplace-emerged-in-dark-web-focused-on-financial-fraud
Title: identified

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/STYX-Marketplace-Emerged-In-Dark-Web.png?ssl=1

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Title: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Search URL Search Domain Scan URL

URL: https://twitter.com/securityaffairs
Title: @securityaffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sec.affairs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@securityaffairs
Title: Mastodon

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/
Title: SecurityAffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&media=https%3A%2F%2Fsecurityaffairs.com%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/70429/deep-web/deep-web-book.html

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/112244/breaking-news/security-affairs-newsletter-is-back.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/132506/breaking-news/securityaffairs-best-european-cybersecurity-blog-2022.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIhX9eyM31FbGRB8la-QcQY&google_cver=1&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_bG4Ft-y2GVpzyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_bG4Ft-y2GVpzyw

Request Chain 157

https://um.simpli.fi/gp_match?google_gid=CAESEAsbwwMJ1BHFGQ03KrHJpt0&google_cver=1&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHnRrqAi_c0NfC4LlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHnRrqAi_c0NfC4LlQ

Request Chain 159

https://d5p.de17a.com/cookies/google?google_gid=CAESEL5FOXWUWAdfAecmCN96sTk&google_cver=1&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL5FOXWUWAdfAecmCN96sTk&google_cver=1&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEcjoYsHIGCc1PvE4sM6N0A&google_cver=1&google_push=Aer7DvL6d8TwxCYCkfKIvJOnC7LKoeJN7Zm6FAF80TRra4WVMx0I7BH3mHTO2_WrzcFP8Iutib4rCIyge50UQr3-49kJ9d-FOMvF9Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEcjoYsHIGCc1PvE4sM6N0A&google_cver=1&google_push=Aer7DvL6d8TwxCYCkfKIvJOnC7LKoeJN7Zm6FAF80TRra4WVMx0I7BH3mHTO2_WrzcFP8Iutib4rCIyge50UQr3-49kJ9d-FOMvF9Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvL6d8TwxCYCkfKIvJOnC7LKoeJN7Zm6FAF80TRra4WVMx0I7BH3mHTO2_WrzcFP8Iutib4rCIyge50UQr3-49kJ9d-FOMvF9Q

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwCKABSQbYor42tDfbbHvc&google_cver=1&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KBHEAinfwRKrAZwCV2BcLi0TGMbtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV0gtMVYtOEFVOQ==&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KBHEAinfwRKrAZwCV2BcLi0TGMbtQ

Request Chain 162

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELApCHq9a7gX5gKfYyEnBcY&google_cver=1&google_push=Aer7DvLLarkI8x98kNm9W7cX8SHs3MPSQaJ750seppUxBmh3h7mu7Xkt-sXKINmqrH4mnuACMhFeY6HWOC3A3cASvFmwy4Ly0GmWtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLLarkI8x98kNm9W7cX8SHs3MPSQaJ750seppUxBmh3h7mu7Xkt-sXKINmqrH4mnuACMhFeY6HWOC3A3cASvFmwy4Ly0GmWtw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 179

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_avsmabAYZPyQAGLzMvv-MxT1gxLIqMVtJpUeY59pJ5hPqqT6INlwA_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_avsmabAYZPyQAGLzMvv-MxT1gxLIqMVtJpUeY59pJ5hPqqT6INlwA_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_avsmabAYZPyQAGLzMvv-MxT1gxLIqMVtJpUeY59pJ5hPqqT6INlwA_

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWcr2x5PSoeKZ7n6cgSsFM&google_cver=1&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl12k0u33t3zHPjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl12k0u33t3zHPjw

Request Chain 181

https://d5p.de17a.com/cookies/google?google_gid=CAESELj76q6vU69ZwGZJWHMIcLc&google_cver=1&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647nT7DuwGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647nT7DuwGw

Request Chain 183

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBdXwN3zBNv7KX2EUVVdXGM&google_cver=1&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_DfBlAPa2ul8OZf9pAEidOa26audjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV1YtUi02VFBB&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_DfBlAPa2ul8OZf9pAEidOa26audjA

Request Chain 184

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_cver=1&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rOd1L5hBZnPxgISONQ9_aS_ZALNysDpbnTJxM0-QhMTp0qOfKFgv13WsT4e88YVC2Dw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rOd1L5hBZnPxgISONQ9_aS_ZALNysDpbnTJxM0-QhMTp0qOfKFgv13WsT4e88YVC2Dw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_hm=ZC17T0MXCZwFt6DJ2cbr5QAAFFMAAAAB&google_nid=index&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rOd1L5hBZnPxgISONQ9_aS_ZALNysDpbnTJxM0-QhMTp0qOfKFgv13WsT4e88YVC2Dw

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 196

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cver=1&google_push=Aer7DvLPmlLeFkXFeOIegO1FLM3JbBOrAy5y4v7-F_9uZeuZNaipuBdMrGEThuB3EVCxTJpDGteTaEIkgABuofUXNpB-yyXpmE_msCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cver=1&google_push=Aer7DvLPmlLeFkXFeOIegO1FLM3JbBOrAy5y4v7-F_9uZeuZNaipuBdMrGEThuB3EVCxTJpDGteTaEIkgABuofUXNpB-yyXpmE_msCg

Request Chain 197

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG3U5sW8iAH4A-AzgDL47LY&google_cver=1&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1P0iVY-hHVTfoTwU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1P0iVY-hHVTfoTwU

Request Chain 198

https://um.simpli.fi/gp_match?google_gid=CAESEC6ZLxgJrK-7d-hqPkA1AA0&google_cver=1&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8BIbBVxAViZ9u_FhkI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8BIbBVxAViZ9u_FhkI

Request Chain 199

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDhBY_iqOtYmLHuPSrNaENQ&google_cver=1&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0wjTY5TAovio8Jg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GhA5z8E9TfujIrq2_8zsKg2&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0wjTY5TAovio8Jg

Request Chain 200

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIL9vid2I8aaSsxZNuw5_0Q&google_cver=1&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQcuYHxY-4aArXJDV3HZOyplAE0Mdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFYMEktUy1KVDZX&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQcuYHxY-4aArXJDV3HZOyplAE0Mdc

Request Chain 201

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHAxWIe2nxOF3vo0x4QpsP8&google_cver=1&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-iY6SpIAIgZMn4XOE_ds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-iY6SpIAIgZMn4XOE_ds

Request Chain 202

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGP7sJ_-fHJmZkOXYTc6mU0&google_cver=1&google_push=Aer7DvILuhH3ROD1nF5l-ktQdkrCXQcougYAV_46uk18WOPDe3I1TFqj6v43UbtYqkJ7QOMjgbzHdXT5OEVveKdJyUpwxx_ff_cJSEFx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvILuhH3ROD1nF5l-ktQdkrCXQcougYAV_46uk18WOPDe3I1TFqj6v43UbtYqkJ7QOMjgbzHdXT5OEVveKdJyUpwxx_ff_cJSEFx HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 208

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cver=1&google_push=Aer7DvLZeKk8458VTUWtPK32RDIGUc0-Tan4t9hMhQjTcUJPyKzpYtS4_UMiKaPKMjTTKgEn9CdHIkh5Ji2GzHObgUfXvEhrPqkYurk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cver=1&google_push=Aer7DvLZeKk8458VTUWtPK32RDIGUc0-Tan4t9hMhQjTcUJPyKzpYtS4_UMiKaPKMjTTKgEn9CdHIkh5Ji2GzHObgUfXvEhrPqkYurk

Request Chain 209

https://um.simpli.fi/gp_match?google_gid=CAESEGlMD6Z6yTC0VZFdeaxwZ1U&google_cver=1&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5rueUgyS8tpy1i0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5rueUgyS8tpy1i0A

Request Chain 210

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGwFR80Rzh9EDlgULaB9pNA&google_cver=1&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpcaaZ850_FQaPrNhhQYp48 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpcaaZ850_FQaPrNhhQYp48&google_hm=Y0dw6KkKSISpuw7Oj7TVj64

Request Chain 211

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOonj2hbr8xlvl3-abyl9ZQ&google_cver=1&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67NygcojvRVLwT54dUBsrkkBM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxODU2MTM2MTI3NTcxMzY3OQ%3D%3D&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67NygcojvRVLwT54dUBsrkkBM

Request Chain 212

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELceQlSySONc7cBEQDkZOXE&google_cver=1&google_push=Aer7DvIYmEVJ0u02DcO-s2syaGbRNgkD8T_mjW-JLw2qAq_KQnzU_eW6YFRoIPcFWD5ZLu1Val7L6rMssCwxS0jxpgp-Lx3WxqVXIXQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIYmEVJ0u02DcO-s2syaGbRNgkD8T_mjW-JLw2qAq_KQnzU_eW6YFRoIPcFWD5ZLu1Val7L6rMssCwxS0jxpgp-Lx3WxqVXIXQ

Request Chain 215

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

217 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request styx-marketplace-dark-web.html Show response
securityaffairs.com/144446/cyber-crime/ 88 KB
20 KB 466ms
112ms Document
text/html 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21a55f6360b415a54742dcba0d6e592a9f977c62b3365d7592c71b36fa5de507

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7b323a3bc9b52c7d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 13:44:44 GMT
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/144446>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=144446>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG1wEZoAMEYQ66JOyUWZIFZ2gPcgosKAyLOqvT60C9mUvUFbEES83eljEpRZ1I1U6wrWpoZaoH90mgCZTEuUQLB8xnl94%2BZ2tZZq0C6ALe0HivAtFXgsyeeJP0ZUdyv0nxl%2BH4Jx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://securityaffairs.com/xmlrpc.php

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 471ms
84ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d3f4f5a6502cb7cdc7de32826b5226798d070048561a6af0966f42ccc7019833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48108
x-xss-protection: 0
server: cafe
etag: 6821884824583735828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:44 GMT

GET
H2 200 style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 29ms
23ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571346
cf-polished: origSize=104503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-19837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FNvvymJICXIQFc3bHONBOzuxN3FpxNoJMV0Dbu5jag1VcrKxGSDtijXK14KcL1gCF66sfWjoC3L5F0mJjI2Vhh6VAlkdhvmFJu6CkYBJ3VDYzBTUpQxcGy043vE9TulsV83WTbn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8abf2c7d-FRA
expires: Wed, 05 Apr 2023 23:02:18 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 11 KB
3 KB 27ms
21ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 246265
etag: W/"5fd15e34-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwB03YH4W4L8ER0K%2FFqq8ONTw8rPTPhrnHPcqmPyhnK349DBUICzKoNWLbwo5G70iat9ubIP1TapNv4r9tlxjyA9QTPpncJZ23IlffJK4VxvJE%2BodR4dqAO4A%2F1oO0WEXuUfipas"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8ac02c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 4 KB
1 KB 25ms
20ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571346
cf-polished: origSize=4960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: cloudflare
etag: W/"5dcc9728-1360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e0HoYwk%2F9Y4MzY%2Fc4P8%2BDN%2Fc9pb9Tigsl0OQQz7FMjww6EcnmFaQl2swnk9N6ymHLIvTHigomE%2FC2leaP%2BHPQJPzh4Jiqb70Z%2B1GzR3TYpeXUyJ5rcaeIOfUSYnGNKLZRlGH8sv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8ac32c7d-FRA
expires: Wed, 05 Apr 2023 23:02:18 GMT

GET
H2 200 classic-themes.css
securityaffairs.com/wp-includes/css/ 257 B
476 B 34ms
29ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571346
cf-polished: origSize=729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t00jK554jMzG%2Buu1p3jKxyOR0atHEvrogB2IugAFb4r1bkiw3QTQbCRJgOZABI3Ulqtg7UqdH2Ns35oG1XE2irTABU8MMjOBmHREFJo3VxwSBgUbsQg4MXsu6MJti1Qz7aOGRyEB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8ac62c7d-FRA
expires: Wed, 05 Apr 2023 23:02:18 GMT

GET
H2 200 cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 26ms
20ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246265
cf-polished: origSize=3106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=921V7MF0byXIQDKfH0sG3QFL10avYTYC1dWNcqYPMuljQRee8CLK7dOQAwiXY1zuQdUees0cpXMk5xHAgKTnJXRfT81Y1rOnwCO1JeNSN0x5CtNbd5aMTfLkOEGohSk7fW1KnPsM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8ac72c7d-FRA
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 22 KB
4 KB 30ms
26ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246265
cf-polished: origSize=27249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-6a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55fFH8wRe9tyRJbOmYPAxDiUOHOxJ7jxNx4ghuVnxTPQUUJPzNyiAa0D3V5PerBUnpOIL%2F7W6BOvwbNKQZsZi4MKAMSHWqXgKNZUuEAH6egHi%2F%2Bq3FVQ0fhXCSUwSg87isZ5Hn3u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8ac92c7d-FRA
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 15 KB
3 KB 30ms
25ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246265
cf-polished: origSize=19858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: cloudflare
etag: W/"56716d33-4d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHv92OYQzBVPm6mnDHKsVoMCvynPRmBbP6oaR1nxxZNauCWaodFvhwx8wu0krKUFtaGJgKBq9hTAZAHXsSlmGy7X2Jr3tH7PDrRVNgHk%2Bte%2BY3vWwBVoVyTkCaV9TTLfqOPTW0Fz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8aca2c7d-FRA
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 461 B
530 B 26ms
22ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246265
cf-polished: origSize=539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOxC9p2TzbEjlcXVJeCj2gRsDclmMmfiPioaOkpNltf9%2FJGaegM8CoSWa2ixoq%2B2P7uJqOB9G2k%2FFjyoDlXr55EIDF7I8ojWRAEA8PtCu4uAZTIGWn2xJ%2B7OVdxJP4vGl%2FxcIkAz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8acb2c7d-FRA
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 5 KB
2 KB 28ms
24ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246265
cf-polished: origSize=6225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: cloudflare
etag: W/"56716d3d-1851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr1IlgSDjwbnQbmNOERrZbpi%2F1ZQKAuVA%2BGDJrDW5rhJKM%2F6YPmfsKGBJ0H%2FiIZ5cJCoDrWNEUAJq4VZnUc2OFwgqD9WfiVXzBk0sAlJnBKcn9ETTPlx53BQBZ1V4GEElvJXUDn7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8acc2c7d-FRA
expires: Sun, 09 Apr 2023 17:20:19 GMT

GET
H2 200 animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 1 KB
785 B 29ms
24ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308684
cf-polished: origSize=1716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhnWqYrHwc1In7CX4ZCrC%2BYZV56xq63NU7XWCliLY4EMOWLJTBu6jIVAuq1U1NT46y%2BipFtdyMNwOiheUKON391eYvun4%2B5BQdLzb4RXFUg%2BLX4wh%2Fhz8meswfzNppDCWPWbVK40"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c8acf2c7d-FRA
expires: Sun, 09 Apr 2023 00:00:00 GMT

GET
H2 200 font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 17 KB
4 KB 38ms
34ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230313
etag: W/"56710b7a-4574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0qJjT%2BOZTtv%2FtnyIc%2Fkterht%2BQbp9XHusxSnnKISnjlsjCJ4aGCymcYsm89g0Hxcw50jTY7YE3GCq0za0qpN8PROK70OP6%2Ff7J1k2dxSQt%2FTF1Gi1E3KQJOpkPfOl20qoeA3fn9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9ae52c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 21:46:11 GMT

GET
H2 200 swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 37ms
33ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230313
cf-polished: origSize=4493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: cloudflare
etag: W/"56710b8a-118d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3Bp9ljuEJtxRUJZjpp%2B7qb22hKZ4B%2Fe8LqJV%2BQvAlpAsmFrcBuDy7JHmG246wn%2BvMSGkLbhNNMkyfsMXwLaVTQC5X47HFH0plY6HY412XJQClfmkcABOk9EV9dipGrsMkOyryBY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9ae62c7d-FRA
expires: Sun, 09 Apr 2023 21:46:11 GMT

GET
H2 200 jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 264 B
469 B 36ms
32ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 481729
cf-polished: origSize=334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-14e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrfS3Tq9qQrMj%2Fm4RH5ppefeQFXrhHf8s%2FANIoBC3aIyHJHUqXEroHn%2FpzB2KyFdAD7NOeUKMLcJcJDZUL2XPSfAqx6I8FF0ie%2FvArtrXh%2FZVH0CYnJNZ%2BXNJF9odQSYREnTcilB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9ae82c7d-FRA
expires: Thu, 06 Apr 2023 23:55:55 GMT

GET
H2 200 screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 95 KB
17 KB 40ms
36ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230313
cf-polished: origSize=112708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-1b844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qPpSHBovcwe%2BoKoxWfvEOrXasWf5caP4RZcnHwvRkbioN5EX%2FH7Jx47pMW7ZNCskboum91zS4LnIEwaege1C%2BM3ex%2FdQDp%2F83Ut%2FBTteWSPk5b1hE%2BMwQ7gbbzMfXG%2FJq6bJhgJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9aea2c7d-FRA
expires: Sun, 09 Apr 2023 21:46:11 GMT

GET
H2 200 custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 12 KB
3 KB 380ms
376ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4AY7su%2FX0gGjC4B69wc23LxZS9QVqHWH0HhTzoetv4ZVesrqM%2B33QuUpxrW09nNknkkwcZjL%2FM3Vp9NET%2BPKKmdx5JrVre9ch%2BZ9uZAJbiWy76km6MLZrs0H%2FHB2vQ57u9WD5xB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=UTF-8
cf-ray: 7b323a3c9aeb2c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 441ms
47ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

696ba92e789802d7f0f9be9df74e4e93fca67e1770aba35d0eb58d2455a9809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
528 B 442ms
49ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

2f594c614f282b4aa13357496d01e5ad7bf60b270e0786cae089bbbfb4b97f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 12:26:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
625 B 448ms
54ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

d2f9e27942c2f7c73121bf086987c33c91fd076f08ecbd549c2c02646e8324fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
624 B 451ms
58ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

dd35363d56e4fc8e946c08ab06bc2ef1345c022893649ea5c086b9b275504b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:44 GMT

GET
H2 200 grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 43 KB
7 KB 42ms
39ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571339
cf-polished: origSize=50674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: cloudflare
etag: W/"56710b7b-c5f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1OYnZoGHliCtfwk822QRgor4wm8e9jUz6YuoPdBgaa%2BvlFHKX5E8zdMF5afg3d%2B%2FsEQkTzyIcZ6L%2Bhdbhqp%2B7UNndLMsoRme%2FUkW9%2BrRTE%2Bvnrb%2BCIS1PY8%2FzGTBGWl%2BkFF%2FjMx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9aed2c7d-FRA
expires: Wed, 05 Apr 2023 23:02:25 GMT

GET
H2 200 sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 16 KB
3 KB 37ms
34ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=11.9.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135147
cf-polished: origSize=19408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 23:25:59 GMT
server: cloudflare
etag: W/"6418eb87-4bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRHzV%2Fy4HhPPV7ZdSNGNNJWg%2F6YoMW9s7Omz7X3cJsC0TR3%2BRInwDZaGnNJ0KK6Mla9UoMUYH2RjQ4TizDV5nfAWLz0mB9Le%2ByGtg3VEbrF3efQaxnhHKeXgXX26ED13SqCcfpFM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9aef2c7d-FRA
expires: Tue, 11 Apr 2023 00:12:17 GMT

GET
H2 200 social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 11 KB
8 KB 38ms
35ms Stylesheet
text/css 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=11.9.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135147
cf-polished: origSize=12101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 23:25:59 GMT
server: cloudflare
etag: W/"6418eb87-2f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3G2pZJEjh3PMByFbA72Xk%2BrQ%2BljfurE9R%2Brf7lqKSmc4bD59XtpHIDdsygc6XysHUd0P%2BkB5aRUDWQ4s00J6Wuy2l308UDa7I05E0XSNKKi%2FdJSPKbxkzk3NtMcdepbznfXgQ4k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7b323a3c9af02c7d-FRA
expires: Tue, 11 Apr 2023 00:12:17 GMT

GET
H2 200 jquery.js Show response
securityaffairs.com/wp-includes/js/jquery/ 142 KB
42 KB 42ms
40ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571339
cf-polished: origSize=292478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-4767e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVo2g8bYutye4OvvwDwTJakzl6TJRwcvaVyfxK4SnljwgYvwVUS2Mb0DWaG4MxEekcRZyKf%2B80i%2BsRFt4kug0DIwXLMWTcpnGdmVpPfctlLL%2BcIlN1Krbh7qz3oNn3s75opO8DyZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3c9af22c7d-FRA
expires: Wed, 05 Apr 2023 23:02:25 GMT

GET
H2 200 jquery-migrate.js Show response
securityaffairs.com/wp-includes/js/jquery/ 18 KB
6 KB 40ms
38ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571339
cf-polished: origSize=30789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-7845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMLVJcrgTEX%2Bnkczq8iHswSsyKS7Upsf70bGTS3nSYM0qUHAcOoTJE3hsK4alTSL8lD%2FqlWpIGz%2F2vGwErrlJrKpedUx8Tjh5ZW%2BfcPiQZfHSvy%2FaVe0LZJ9rXhLURZKMw%2BzbyNx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3c9af32c7d-FRA
expires: Wed, 05 Apr 2023 23:02:25 GMT

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 27 KB
7 KB 53ms
50ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240824
cf-polished: origSize=34179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-8583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgLrxU2Pn9mxNvRIeQLipP4mhUZUZq7wPNfl2jkkG2D%2BCfrbJD6xwY0RNsFy7TSpt9sbE0n65NHu4lZzj8%2FJMDM5qAdTuW%2B%2B6jUoq3P9U%2BDRfTw8sqWa98i550DI4owtlyvi%2FBXh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3c9af62c7d-FRA
expires: Sun, 09 Apr 2023 18:51:00 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 198 KB
45 KB 52ms
9ms Script
text/javascript 13.32.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-51.fra60.r.cloudfront.net

Software

Resource Hash

d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:16 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 28
etag: W/"3184b-xStZrNgO3eG9+q9l3cRkzPWrPx0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: fP98JZCJPDQVk3eIGh7Zwthgf_uTKYSLvh1pOvK61RRJmN2Gvv4MHA==

GET
H2 200 STYX-Marketplace-Emerged-In-Dark-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/ 235 KB
235 KB 52ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/STYX-Marketplace-Emerged-In-Dark-Web.png?resize=768%2C665&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a104d474af141657b1e92c0ea5bbc21fbfd4a7ae0e6aacdb17bca7451c4da019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2023 08:55:46 GMT
server: nginx
etag: "cd57688e4376933a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2023/04/STYX-Marketplace-Emerged-In-Dark-Web.png>; rel="canonical"
content-length: 240324
expires: Fri, 04 Apr 2025 20:55:46 GMT

GET
H2 200 CISA.jpeg
securityaffairs.com/wp-content/uploads/2020/07/ 42 KB
42 KB 48ms
43ms Image
image/jpeg 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2020/07/CISA.jpeg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64455
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42534
last-modified: Sat, 25 Jul 2020 11:32:42 GMT
server: cloudflare
etag: "5f1c185a-a626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxJMKU5CRfl%2BR1hTUS%2F2XYXFxdxS%2B7jbeqC7G%2BkVOFsNJvSb5kFT1KVJBfKeZmevAWdpC3Sm%2BragF6%2FkKq1%2F%2BaphQdCjqSP3mribgEE546kVwW%2BaIWMruI866SGMWAlxhEurGs9j"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7b323a3fbede2c7d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Genesis-Market.png
securityaffairs.com/wp-content/uploads/2023/04/ 1 MB
1 MB 41ms
36ms Image
image/png 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/04/Genesis-Market.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e218b67b309be2daf9f8c42282697b8b976edcb03ad318e7b66208d07f0bbb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1452111
last-modified: Wed, 05 Apr 2023 10:30:22 GMT
server: cloudflare
etag: "642d4dbe-16284f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIm6lVsWy3XJZPpflgNdds3XvMeomtfHeiXyiyN62T51IZLCoJvmCLn9CSs49SMh1yjTVe3o4il81P0uoxLBQLozZGvV4Wmfr6ueoK9n9i%2BlscLtyLpb3s3YGK0v0Ps%2FI58aC%2BCR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7b323a3fbee02c7d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ransomware.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2019/06/ 17 KB
17 KB 51ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2019/06/ransomware.jpg?resize=300%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ea89dfb7600e669172bb721c781928b72c8110bfaddc9f125abd0ed3725173f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 06:48:58 GMT
server: nginx
etag: "a45d4de523644dcd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2019/06/ransomware.jpg>; rel="canonical"
content-length: 17310
expires: Thu, 26 Dec 2024 18:48:58 GMT

GET
H2 200 email-decode.min.js Show response
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 15ms
15ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaQyC278kEM71XSzlTGFgwKhz32l9doqX5qL%2FIkuE9%2BO7v1blmFNKiyyLW5hMGchYHLYKqe6kUWkIX9tajo0ntY7FSYvVgrM%2BeOHXLT9Vn9kTToU13hW3EDoIVTIfx0UNZRvUiF1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b323a3f6e732c7d-FRA
expires: Fri, 07 Apr 2023 13:44:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
82 KB 474ms
90ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a6ff23c555ff2ff67a567fe716c5e0b5c932c923cb2a08e05fed61a391119f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 13:44:45 GMT

GET
H2 200 photon.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/photon/ 927 B
782 B 37ms
28ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236179
cf-polished: origSize=1760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 23:25:59 GMT
server: cloudflare
etag: W/"6418eb87-6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwdxKSgkTey6krOCehy%2FKCJ9q2fl7rcUbB7aExAzOSEXvLB4VprYWLwBM2iPQW8gJ1mod04bdBaBVbdlZR53uo3FQtHqIq6922yXwa%2Fh686%2FKwWKPi9%2FO86W16Gp9HXHOceftDOv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeab2c7d-FRA
expires: Sun, 09 Apr 2023 20:08:25 GMT

GET
H2 200 ssba.js Show response
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 34ms
25ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1678144527
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124573
cf-polished: origSize=3110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 23:15:27 GMT
server: cloudflare
etag: W/"6406740f-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKHjAkNQcpCGdDNTY0orzKEUBZfvIRFfIFydrRuAtbsm2BqZf0TBX2r9ELEhvOnv3KtdFHbvv%2B0c%2F16X%2F7%2B0xWVgoqMY2%2Fs7MeVf28eBQa1lEratohkJcY8L2pLJVqcER1EqTWIb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeaf2c7d-FRA
expires: Tue, 11 Apr 2023 03:08:31 GMT

GET
H2 200 hint.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 467 B
559 B 35ms
26ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235871
cf-polished: origSize=987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-3db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve0f9eeqmpnlBGPXV25fqgrb2A%2F9bMqV%2BtA6ugRA66RZPEb3012iHIIk4W4bKsMIhZu6pV91pZavDt6INNFSUTylDU2D22V9WxmcLg6pm42d%2FHizID9ht149NShLOoQpXmjDPCqu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeb12c7d-FRA
expires: Sun, 09 Apr 2023 20:13:33 GMT

GET
H2 200 jquery.tipsy.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 32ms
24ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242027
cf-polished: origSize=4371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpnduTJhbGGTbLllm4MvcaU%2BTtM7gh2xM0jVWg54sXCahnmDQdFXk0QgREJ3X6iERjhFr54LNCjEoKWvb%2FEYogD0ACU9yK0jmx54cs%2Ff7Cy8ccJ9%2B7jauJWI69pm1iwWyRR4jU3M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeb32c7d-FRA
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 jquery.easing.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 4 KB
1 KB 38ms
30ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242027
cf-polished: origSize=8097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1fa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz9FPstAWFmB8xswVvUIOT%2FyvvoXiD4korf21P6Ir2peWsFlKKoO4fk7aFUMOrHCOcbqE5g%2B597zxmVHl9ilIBwI27b%2FANL%2Ff9FenpPYaUtOV1gi9tsQ1EyYlsE%2FoVkCeqBK8boa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeb42c7d-FRA
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 browser.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1005 B 35ms
27ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242027
cf-polished: origSize=2614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-a36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTCzr9Jyyy34MV%2FeUQsqrYAgAsbxtezIz9VbkxLUXjzSZ8M0omATszBvD4HfgoD8p5%2BG18TY7%2Fk03G5bXt0H6eBNyHATFzHcBCRiE0DaoP0V%2FCDYtOM2LZ0t4oVcRLsjngMy1oJ2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeb82c7d-FRA
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 jquery.flexslider-min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 21 KB
6 KB 35ms
28ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470757
etag: W/"56716d3e-53ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z9w7fmN4psozp831b31z42aL85byN5uLh%2FKemca1t9jMUSHBBWI8sMhIeDF8xu9tzzR%2FcbMLkd6c4eLTIqZEY32hDRKmKvMOiaHb%2FVJ8YhyIhH5y6D7uhE9mru7Iaca5QxqiKn%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeb92c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 07 Apr 2023 02:58:47 GMT

GET
H2 200 waypoints.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 8 KB
3 KB 36ms
29ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 242027
etag: W/"56710b8a-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F9KePsI8NtscAnB12P2BkJsIf2VRoGk0rY69TxIkxeGaI1L6tQRY227%2FSFC2mYlosPcyC9nU%2Bu0q%2FCL30qDtdT5yoeyDItkMqChtirxbeEyUWaSz9GTA3SMupBmWZAWtUqvhT3e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faeba2c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
20 KB 39ms
32ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 243937
etag: W/"56716d42-11571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VevkZFZqcR1dv0n%2FIeixeKSp%2BaPRKALjnB6wZe%2BR0CWGVyhDRHr%2Fdd2zEglU1gwQNi31EbjZxZak1GSaxYVzXkiVUlpS%2BxAxPBIR6tOdftqVswLhi%2FrRRDaB%2Fq9XEpCgwhfnR5wn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faebb2c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 17:59:07 GMT

GET
H2 200 jquery.swipebox.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 11 KB
3 KB 38ms
31ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 242027
etag: W/"56710b89-2a67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruOkdUSGkepDQbfuS3BZlZs8F%2F0GY8sJwyHDrzdnA4lgHPUIhhNRvChjlW1fammYYSiqLGrLJN5uJtKldzRQPAgamWeMe05%2F%2BfHLN10%2FKbJdcGwerADkQPcDu8pK%2F2M%2FsX23W2AR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3faebe2c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 jquery.circliful.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 41ms
35ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 242027
etag: W/"56710b89-c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lo0d56b9sYsFjVzm4kZ5CDWHHX6hPv9GvbQn40eyhMA0NumCpUTtmLSX8LuM2lVKvnifj%2FlA64i7LJqWVRMaLoOxqH5HUYkJhSy6Grj2Nb%2FG0IaaatDX49jQE6DRDVdAXbEJfCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbed52c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 jquery.smarticker.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 13 KB
4 KB 49ms
43ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 242027
etag: W/"56710b89-3225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCcWjLi3OxTerxSdKmO0YbxTDu4C5r3aLQEMEyMpQsp4OKkQBv4ycedJrMna5gyP0Te7eCJY1Rcx2huvAnzzkL8A2eX7kt2XZ4N%2B%2BGm3FAiaJfcW2x692u21tyYPAyp%2BRe5Rt34m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbed82c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 09 Apr 2023 18:30:57 GMT

GET
H2 200 custom.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 10 KB
3 KB 51ms
45ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470757
cf-polished: origSize=12756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-31d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8eWHUyq9%2FQ6pVobDCVgLLCx6zhOnJENwL7muvxsYvpj9lFBuQo4QlkzQdyRkBafniMfxwNf4vQPiO7xeBWbJzl20bmVP%2FSPQ%2BXKb%2BJCqfFRjv7X6UGVBLpDpiRy%2BJ9OlRXkoDHr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbedb2c7d-FRA
expires: Fri, 07 Apr 2023 02:58:47 GMT

GET
H2 200 sharing.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 12 KB
4 KB 50ms
44ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=11.9.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134829
cf-polished: origSize=18206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 23:25:59 GMT
server: cloudflare
etag: W/"6418eb87-471e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kAwTqSkHFg0kLc6GT9SLBwqsHoCrMBkZYJQgXnUYcsyOZPEetHmxIlyBCGweDKVx9P%2F8NxJNLTUjltvzygpU4E%2BjGi4njPsSc46p9OhZGtDA7YBArhbrW3I6Y206gkaTRKZxFe3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbedd2c7d-FRA
expires: Tue, 11 Apr 2023 00:17:35 GMT

GET
H2 200 e-202314.js Show response
stats.wp.com/ 9 KB
3 KB 52ms
10ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202314.js
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 01:58:02 GMT

GET
H2 200 twemoji.js Show response
securityaffairs.com/wp-includes/js/ 17 KB
5 KB 48ms
44ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/twemoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571278
cf-polished: origSize=33089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-8141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwaRyRnzzkoTeRk9cDGoir6B7kA%2FnDlnOiNVdYkv9RAbHvTh41QibEYmYqhKCDbg10DTEX4%2Bf7fEV3Vjun1F8zZXWLgREZ%2Fjtbzh%2BUZMcyjdMi5X3Qb2y%2FIacVf6fLuH75QN7NTB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbee12c7d-FRA
expires: Wed, 05 Apr 2023 23:03:26 GMT

GET
H2 200 wp-emoji.js Show response
securityaffairs.com/wp-includes/js/ 4 KB
2 KB 49ms
45ms Script
application/javascript 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571277
cf-polished: origSize=8969
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPPobczfPikNAGaEAChrPEg9isxR880Mv1aTHISLLegqmZCG%2FJa179nmmWvyVZEBG0BgMOWQ0A5qEeORl5ts4oj1Sh%2BLqNP2msTsAqc5vbtkUmxwOdbvo1hT1%2B9bVZ7DGcbF%2F8mZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b323a3fbee32c7d-FRA
expires: Wed, 05 Apr 2023 23:03:26 GMT

GET
H2 200 63aa5463b92caa0012f81022.js Show response
buttons-config.sharethis.com/js/ 438 B
885 B 342ms
9ms Script
text/javascript 18.66.97.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-22.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:33 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P2
age: 12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 438
last-modified: Wed, 28 Dec 2022 04:37:49 GMT
server: AmazonS3
etag: "d0446970cab2a3b08a2f4f8bdf2fbef7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: 7O9zYyhDvDMfadmnExKRsLrMWvVkIPRSg8gK7iUAYfeluashmtMIBA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
41 KB 431ms
48ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bfd2999b939b873bc56701041dc14cf3edcc2cb6850e19b8edd800024ede79c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41086
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 13:44:45 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 71ms
9ms XHR
text/plain 3.122.91.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=STYX%20Marketplace%20emerged%20in%20Dark%20Web%20focused%20on%20Financial%20FraudSecurity%20Affairs&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Resecurity%20has%20recently%20identified%20the%20STYX%20Marketplace%2C%20a%20new%20cybercriminal%20e-commerce%20platform%20with%20a%20specialized%20focus%20on%20financial%20fraud%20and%20money%20laundering.%20The%20STYX%20marketplace%20was%20launched%20at%20the%20beginning%20of%202023.%20This%20platform%20is%20specifically%20designed%20to%20facilitate%20financial%20crime%2C%20providing%20cybercriminals%20with%20a%20range%20of%20services%2C%20including%20stolen%20financial%20data%2C%20credit%20card%20information%2C%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.91.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-91-229.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 13:44:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 425ms
38ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:32:15 GMT
x-content-type-options: nosniff
age: 97950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:32:15 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 460ms
74ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:39:09 GMT
x-content-type-options: nosniff
age: 97536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:39:09 GMT

GET
H2 200 fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 41ms
40ms Font
application/font-woff 172.67.140.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5644803
etag: W/"56710b81-ad90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SJKyXKVfu7UJG3ebECQpvf8xBGL7j9yPcwolVMmdbzp39CjtKXLD%2Bxw4xeg0%2FwMdsYlUmzNNFWGWlhK9l5Kr%2BjAK8uHIApLZ9Y5RKHuYrAqhuK8wmcx6fglv66imEaEIPOR7EPu"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=315360000
cf-ray: 7b323a3fbee52c7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 487ms
101ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:37:56 GMT
x-content-type-options: nosniff
age: 97609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:37:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 470ms
85ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:38 GMT
x-content-type-options: nosniff
age: 97987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:38 GMT

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 326ms
6ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 05 Apr 2023 13:44:45 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Wed, 05 Apr 2023 13:49:45 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 30 KB
30 KB 15ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "90081d39f1874091"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 30524
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 7 KB
7 KB 15ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "f66b518bba6e1555"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7234
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 19 KB
19 KB 16ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:09:36 GMT
server: nginx
etag: "d8c02e2ccf1e41bf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 18968
expires: Thu, 26 Dec 2024 13:09:36 GMT

GET
H2 200 EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 13 KB
13 KB 16ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 05 Apr 2023 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 00:56:49 GMT
server: nginx
etag: "a583ea31753e6f10"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length: 13098
expires: Thu, 26 Dec 2024 12:56:49 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/ 349 KB
117 KB 489ms
107ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31073580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4c69e71b85857edb772adbe3f0aade5e2eac44636e864c8790a249f67e310b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119331
x-xss-protection: 0
server: cafe
etag: 2825739819537199682
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230404/r20190131/ Frame F27A 10 KB
5 KB 423ms
37ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230404/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 15:14:37 GMT
etag: 2378337311435320485
expires: Tue, 18 Apr 2023 15:14:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=144446&tz=0&srv=securityaffairs.com&j=1%3A11.9.1&host=securityaffairs.com&ref=&fcp=1091&rand=0.25056090410227894
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 13:44:44 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 50ms
49ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

14144577eb006475ba32d58e77765abd276e69ec6afb6af09b43dc2e3a73dce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 13:44:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
82 KB 52ms
52ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cd7df7bb85be50dc914d0b3e3ea45223e2c01baf6df605f37f98727c2aa247e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 13:44:45 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 385ms
19ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3430&_p=1138321176&_gaz=1&cid=2054562493.1680702285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680702285&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&dt=STYX%20Marketplace%20emerged%20in%20Dark%20Web%20focused%20on%20Financial%20FraudSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 384ms
18ms Ping
text/plain 142.250.110.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=2054562493.1680702285&gtm=45je3430&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.110.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wf-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 461ms
63ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=2054562493.1680702285&gtm=45je3430&aip=1&z=1309869551

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 382ms
18ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je3430&_p=1138321176&cid=2054562493.1680702285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680702285&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&dt=STYX%20Marketplace%20emerged%20in%20Dark%20Web%20focused%20on%20Financial%20FraudSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
57 B 48ms
46ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=10&dl=securityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&tdp=G-P62M3QN974;75765533;1;2;0&z=0

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 td
www.googletagmanager.com/ 0
121 B 46ms
45ms Image
image/gif 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=10&dl=securityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&tdp=G-P62M3QN974;75765533;1;2;0&z=0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 62ms
61ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.init&eid=0&h=Ag&tc=10&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 62ms
60ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.js&eid=1&u=AAAAAAAIAAAAACA&h=Ag&tc=10&tr=1gct&epr=1G.2G&ti=1gct&z=0

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 62ms
61ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtag.config&eid=3&u=AAAAAAAIAAAAACA&h=Ag&tc=10&z=0

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 55ms
53ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAACA&h=Ag&tc=10&z=0

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
337 B 75ms
46ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31073580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c6cefdb18a8ea5c646d44afca4095958583d04d51b4f10c03a18643f48e7c2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 432ms
48ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 463ms
47ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 77ms
77ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D21D 314 KB
72 KB 763ms
761ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1680702285&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702284847&bpp=6&bdt=609&idt=696&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6741870590067&frm=20&pv=2&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=743

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

30c0577f6e4187a8f7f0ebcc8217f444f3673cdcaa8d73e4f78eb3edb73eda3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:46 GMT
expires: Wed, 05 Apr 2023 13:44:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 86ms
85ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230404&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

84a23b81464d371bac4b58e87c5afff43b6a552577271e1c25c662f0ba323900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11089
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/ 149 KB
51 KB 99ms
98ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/reactive_library_fy2021.js?bust=31073580

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9fef34520e16a5c7da6ed4d535599528224eeef1acbe9c2362b91ab783894b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51885
x-xss-protection: 0
server: cafe
etag: 17180202245641012814
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F80D 90 KB
33 KB 845ms
845ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5041a74033d8d1ffc71c7c1aaab8dc8580684f724d663b746b3149282f4d42f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33971
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1033 102 KB
36 KB 948ms
948ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

66d7fe6ae9ca7454df11e84f3de9201cf03ed489b19a3ac0f34088844909932e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AEE 91 KB
34 KB 578ms
577ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=wOhEMITCKm&p=https%3A//securityaffairs.com&dtd=35

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2b5c72d84007bde5bb376aaf0ffe55a3ac9e482e495a80b2a043d220a9fe7e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34002
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF67 102 KB
36 KB 642ms
642ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

371398f72fb82eeae9da53fc4b6075527a5de069e3f049137c14c47735b73673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2220ms
1812ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 13:44:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
49ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/ Frame 084C 10 KB
5 KB 38ms
37ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 06:28:52 GMT
etag: 2378337311435320485
expires: Wed, 19 Apr 2023 06:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/ Frame 884C 10 KB
5 KB 38ms
37ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 06:28:52 GMT
etag: 2378337311435320485
expires: Wed, 19 Apr 2023 06:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 084C 4 KB
1 KB 431ms
47ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:33:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 084C 205 B
649 B 424ms
37ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 12:38:45 GMT
x-content-type-options: nosniff
age: 3962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Apr 2024 12:38:45 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 084C 604 B
694 B 425ms
39ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:50:08 GMT
x-content-type-options: nosniff
age: 6879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Apr 2024 11:50:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/ Frame 084C 19 KB
8 KB 349ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:29:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 884C 2 KB
818 B 370ms
70ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame 884C 22 KB
9 KB 337ms
39ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 884C 3 KB
1 KB 367ms
71ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 884C 20 KB
8 KB 340ms
43ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 884C 158 KB
49 KB 434ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame 884C 34 KB
14 KB 407ms
39ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 11:10:19 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 45ms
44ms Image
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-P62M3QN974&cv=1&v=3&t=t&pid=692618037&rv=3430&es=1&e=gtm.load&eid=17&u=AgAAAAAIAAAAACA&h=Ag&tc=10&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 1436 8 KB
966 B 47ms
47ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:09:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1436 2 KB
804 B 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame 1436 22 KB
9 KB 37ms
34ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1436 3 KB
1 KB 44ms
42ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1436 20 KB
8 KB 40ms
38ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1436 158 KB
49 KB 49ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame 1436 34 KB
14 KB 39ms
37ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 11:10:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0AEE 6 KB
742 B 48ms
47ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=wOhEMITCKm&p=https%3A//securityaffairs.com&dtd=35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:07:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0AEE 2 KB
799 B 40ms
39ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame 0AEE 22 KB
9 KB 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0AEE 3 KB
1 KB 35ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0AEE 0
0 83ms
82ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZiP_TnstZJG4ILmy1fAP2JSVoAfk16Hvb5Hn6ZO7EYyLhZ4LEAEgu6PgmAFglYL4gZQHoAH2jffaA8gBCakC0VCC-yxesj6oAwHIA8sEqgSCAk_Q0kcIiY9rO-NHkIbi54Tytto1cy1SqCLTmuroVArWoTma4q0GBOz_kREFr9qNldS_-eMYgYQLmmrpXbuNbkVJG5eV2adtLnBOzpBnJrETmpp_sPDEuLeaPSGmIHLY7RpH9w_EDx53XBk9muMQkLI4dvJtAcSAtS-qRsNwS3yEyDL0Myq44SYLv6u-PlTGKwzkRB1vyRVuMghkBLKc2XoXjROvIFl9i3LMXahCZ-p7iB8nT5LQ7ARS9ZH0HMTQ6XagE84GJC5jiK56ZY98B0kZVImrncPAjZPcULJ1RdL6ZL_F8KDuUbygI3vPspLqV6dOPY9TSjCeiSLJfT7LWK7FhcAEiLv74a8EkgUECAQYAZIFBAgFGASgBi6AB_LxiCWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDVowrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDkxODA3MjA1NzE4MTc5NBgA&sigh=XEqLxykN_oU&uach_m=[UACH]&cid=CAQSOwDUE5ym_lCX5Szdgho9S5k6pEZ1077FTkX3kghA70NtqJ5CX8VNTTT94mmTgaNbb87_DCEZZ2NfGp-YGAE&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=wOhEMITCKm&p=https%3A//securityaffairs.com&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0AEE 20 KB
8 KB 35ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AEE 158 KB
49 KB 52ms
52ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 0AEE 34 KB
14 KB 39ms
39ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 17:23:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:27:22 GMT

GET
H2 200 3872021887000358034
tpc.googlesyndication.com/simgad/ Frame 0AEE 7 KB
7 KB 39ms
39ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3872021887000358034?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

363f3c71048fb7fa5a1e6a081e65db91a4856ad52113fe5e836b8b57310e0bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:00:22 GMT
x-content-type-options: nosniff
age: 114265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6712
x-xss-protection: 0
last-modified: Tue, 11 May 2021 13:42:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 06:00:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10294930571676093956/ Frame 0AEE 36 KB
36 KB 45ms
44ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10294930571676093956/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

c206ba705dc1194f5c4b52e976cecd3937f08d46de7359cb9025cfee177b292a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:09 GMT
x-content-type-options: nosniff
age: 112838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37190
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 14:27:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 06:24:09 GMT

GET
DATA 200
OK truncated
/ Frame 0AEE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06FA 143 B
228 B 40ms
39ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame DF67 9 KB
4 KB 39ms
37ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 23:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:36:40 GMT

GET
H2 200 675161e3b4fc5f66626139769aa58704.js Show response
www.gstatic.com/mysidia/ Frame DF67 10 KB
4 KB 41ms
40ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/675161e3b4fc5f66626139769aa58704.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4255
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 00:46:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF67 8 KB
966 B 48ms
47ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:08:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame DF67 2 KB
799 B 35ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame DF67 22 KB
9 KB 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame DF67 3 KB
1 KB 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame DF67 20 KB
8 KB 38ms
37ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF67 0
0 421ms
48ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm3U-8RgVUljpt48VFaPXkTvZR7Tm3x4xcqDTppBNI3CRiEeloZ3Hyxr-jIqyIIz1aQGl45_XFyiPRE34hXCQEs83Fvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF67 158 KB
49 KB 45ms
44ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame DF67 34 KB
14 KB 39ms
39ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 17:23:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:27:22 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 48F4 1 KB
758 B 38ms
38ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Thu, 06 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 96B2 36 KB
14 KB 38ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
DATA 200
OK truncated
/ Frame 0AEE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d3d3a541bc0b925b0cd1390372947855d0b41080d3cebf5f96dce590c3681f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
136 B

59ms
58ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame CE2D 36 KB
14 KB 39ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/144446/cyber-crime/styx-marketplace-dark-web.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0AEE 15 KB
16 KB 41ms
38ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 98017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0AEE 15 KB
15 KB 42ms
41ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF67 0
0 85ms
85ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C39GzTnstZO2_Ia_I1fAPpJ20yAXootr2bv7QuKeHEf_1kOPXAhABILuj4JgBYJWC-IGUB6ABjL_XwAHIAQGoAwHIA8MEqgSHAk_QLaelwaFInJhga-UVXYY3FsSitVK_SvZOiD2X-XGQ0RQ3zCbFkgjYH55qze0LNH1_ka5P3eIepXNgJyM0OF4wjU2q7cZOOBpRhSGL8BGo96f_2aCWRrTkA9dQoex3M6FtrWSs7Lv-bAuJr4lHNS_WEoCg6Nm3G5E3nUidEBqzIXL6BnZiDJoa_HrH2agA1HzolDzWPUQE3jCccbtGB52dM_RsCCPnpmoDoV0VT__1wClNXgQb3XEqAvMgTFt8FRPml_po1Vj3DahBNqWXlm_ergVD81f5Uso2F0BejVm_sFUsxODLVqsw_jJnUBn0YqEzPfIxUYCOdZPBVtxvQ5sB38yB1mCpwATem52PowSSBQQIBBgBkgUECAUYBKAGZoAH3MCovwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCJ5wzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=bnKmLifDD5E&uach_m=[UACH]&cid=CAQSOwDUE5ym_z_mvHbgbj53b7LG2vklaWiS6VO2sShjJIBf4hvJ-erlO_vAJJRVMNfjbrNQ_nS0uYuGE_bbGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 98BF 143 B
200 B 47ms
38ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CA62 1 KB
677 B 46ms
37ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Thu, 06 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DF67 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fea9c7d90befbbba192c55399f896d6609182b9154b43bf8f35b72df4b47d70d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame F80D 6 KB
742 B 52ms
51ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame F80D 2 KB
799 B 41ms
41ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame F80D 22 KB
9 KB 40ms
39ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame F80D 3 KB
1 KB 58ms
54ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame F80D 20 KB
8 KB 40ms
40ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F80D 0
0 269ms
47ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiWrZ3SaGcllca7itW-z0Gy5okXsVlkrh2fkrUkFsa7kJy_tJ8McxbCGkbJ3VYLNllXdfK6NS2ZA6GkoqHHdiNuNKXGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F80D 158 KB
49 KB 56ms
53ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame F80D 34 KB
14 KB 50ms
47ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 11:10:19 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48F4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIhX9eyM31FbGRB8la-QcQY&google_cver=1&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_bG4Ft-y2GVpzyw

170 B
329 B

150ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_bG4Ft-y2GVpzyw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 05 Apr 2023 13:44:47 GMT
Server: MT3 776 936c8db master zrh-pixel-x15 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ4Op1KHjSlP94jSRJpaN0ppQl_Qp7fiJ4071csEAwOwBBxO2N66-uEVAHqOdb5bqg95iHO1ZlE1B3kbQ6_bG4Ft-y2GVpzyw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 05 Apr 2023 13:44:46 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48F4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAsbwwMJ1BHFGQ03KrHJpt0&google_cver=1&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHnRrqAi_c0NfC4LlQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHn...

170 B
232 B

71ms
55ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHnRrqAi_c0NfC4LlQ

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Apr 2023 13:44:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJPq0drTOk-A4m-jRUphClOpNZ7VSP_kJt3oXjMQbR6-aCeFGP_-c3RiWXV0JJHnrUTqcbzRyGm304-nHnRrqAi_c0NfC4LlQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Apr 2023 13:44:47 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 48F4 70 B
265 B 113ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBkfO0cyoxpEGTedVFH4SbM&google_cver=1&google_push=Aer7DvLJI1ef5NjSu93a1NUXH_8CKdAI0xUhVHYBDBx-F5HloEh7_TRHkJMBZOtxaQVkYcBtKJ-gTjmUlgFNOeOa8rVttHhcYbXf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3350712612&pi=t.aa~a.509917982~i.17~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280&nras=4&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=wOhEMITCKm&p=https%3A//securityaffairs.com&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48F4
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEL5FOXWUWAdfAecmCN96sTk&google_cver=1&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VM...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL5FOXWUWAdfAecmCN96sTk&google_cver=1&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvJXaF0_l5qI_m3v8wpGIj60Kqz6I9od4M8DFoMAerv0pOn-ETQKuzK8Dd41DhehjKIArXLLI6hyLHyFKgLBSCXr3VMTbgHu
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48F4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

48ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvL6d8TwxCYCkfKIvJOnC7LKoeJN7Zm6FAF80TRra4WVMx0I7BH3mHTO2_WrzcFP8Iutib4rCIyge50UQr3-49kJ9d-FOMvF9Q

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvL6d8TwxCYCkfKIvJOnC7LKoeJN7Zm6FAF80TRra4WVMx0I7BH3mHTO2_WrzcFP8Iutib4rCIyge50UQr3-49kJ9d-FOMvF9Q
date: Wed, 05 Apr 2023 13:44:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48F4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwCKABSQbYor42tDfbbHvc&google_cver=1&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV0gtMVYtOEFVOQ==&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KBHEAinfwRKrAZwCV2BcLi0TGMbtQ

170 B
232 B

52ms
52ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV0gtMVYtOEFVOQ==&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KBHEAinfwRKrAZwCV2BcLi0TGMbtQ

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV0gtMVYtOEFVOQ==&google_push=Aer7DvI_3P39MLCOvOCfHlZPYFrBMhnt6q6qGHgBEVQOMbaZHiBBCMA1BhW9cCgYaGQ6SAXc_KBHEAinfwRKrAZwCV2BcLi0TGMbtQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 48F4
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELApCHq9a7gX5gKfYyEnBcY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLLarkI8x98kNm9W7cX8SHs3MPSQaJ750seppUxBmh3h7mu7Xkt-sXKINmqrH4mnuACMhFeY6HWOC3A3cASvFmwy4Ly0GmWtw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

53ms
53ms

Image
image/gif

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 13:44:47 GMT
pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 48F4 0
139 B 295ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUZVVgkRoe9vF8jIENDsO8TORtw6ZACxJpSoglAHFFz2XDRn2_3lUjdQSCVDJCcMtW0hJGBw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F80D 0
0 94ms
91ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz3POTnstZOPsHsLbxgP6qYGoAuTXoe9vkefpk7sRjIuFngsQASC7o-CYAWCVgviBlAegAfaN99oDyAEJqQLRUIL7LF6yPqgDAcgDywSqBIICT9BOAhS60fx2Kf1pRxR1bNjb6j5PJdDzbPdtqfoM0C4uSLcXn-q0bpvXyeId6YfdG6lIHcMIMBuyBqthhGfZHoLB_wPX8WtapFSc69MsNmsAS35HiPUX6GtjtHun_DnXGOjar0XysZTHNnN7pBypWuWOnTjPnhYd50VeLPzgF3ztFcXqhNSLQbDzM6zbHBPZ5SYWaKgN3zHdRAyKQfJWCY-t3SI8o_hYKL1KQaBb8jSz3mnCOgVP5eo3Dxx9VzNiyvr7UkmW_2pbe2s8zRxdVaD8BlZrzi5qUYIQWUn2nu0Qh0tRAFaZXCiUTK9f2EiDC0Di3Yw9FJeGF9bCQiubKqAMwASIu_vhrwSSBQQIBBgBkgUECAUYBKAGLoAH8vGIJagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMqOBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=RvE2f3nY6Qg&uach_m=[UACH]&cid=CAQSOwDUE5ymE-HEH0pECnkJMOa756V7BIqq8M92KvoxhLVPhEokoqHUT5R4NxVCw__hp30xs0NeupDQTtuEGAE&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 02E9 36 KB
14 KB 44ms
42ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2 200 3872021887000358034
tpc.googlesyndication.com/simgad/ Frame F80D 7 KB
7 KB 40ms
38ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3872021887000358034?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

363f3c71048fb7fa5a1e6a081e65db91a4856ad52113fe5e836b8b57310e0bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:00:22 GMT
x-content-type-options: nosniff
age: 114265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6712
x-xss-protection: 0
last-modified: Tue, 11 May 2021 13:42:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 06:00:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10294930571676093956/ Frame F80D 36 KB
36 KB 43ms
41ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10294930571676093956/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

c206ba705dc1194f5c4b52e976cecd3937f08d46de7359cb9025cfee177b292a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:09 GMT
x-content-type-options: nosniff
age: 112838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37190
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 14:27:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 06:24:09 GMT

GET
DATA 200
OK truncated
/ Frame F80D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame 1033 9 KB
4 KB 39ms
37ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 23:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:36:40 GMT

GET
H2 200 675161e3b4fc5f66626139769aa58704.js Show response
www.gstatic.com/mysidia/ Frame 1033 10 KB
4 KB 42ms
39ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/675161e3b4fc5f66626139769aa58704.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4255
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 00:46:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1033 8 KB
966 B 53ms
50ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:05:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1033 2 KB
799 B 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame 1033 22 KB
9 KB 36ms
35ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1033 3 KB
1 KB 38ms
37ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:08:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1033 20 KB
8 KB 39ms
37ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 14:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1033 158 KB
49 KB 51ms
50ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 13:44:47 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame 1033 34 KB
14 KB 41ms
40ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 11:10:19 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CA62 0
104 B 474ms
28ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIcpxV1vyhxu4whuu667JoI&google_cver=1&google_push=Aer7DvI5NyEsFZ6epQFCLnXD2zX51p3oA3kNt5viXcqG-Tk7cGXphEVbMC_FcsJPNepzLpPlkfP5j7HdBPSJ-gj8n2D6IUPpsALE-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CA62
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_a...

170 B
232 B

48ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_avsmabAYZPyQAGLzMvv-MxT1gxLIqMVtJpUeY59pJ5hPqqT6INlwA_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 13:44:47 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEAUsgWbFCOfnvXm8vcVv19g&google_cver=1&google_push=Aer7DvL1wwBmjTaRwYw856iEr6o0bpLtyKNbjxdZEmkdh_avsmabAYZPyQAGLzMvv-MxT1gxLIqMVtJpUeY59pJ5hPqqT6INlwA_
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CA62
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWcr2x5PSoeKZ7n6cgSsFM&google_cver=1&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl12k0u33t...

170 B
232 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl12k0u33t3zHPjw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 05 Apr 2023 13:44:47 GMT
Server: MT3 776 936c8db master zrh-pixel-x25 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvLLAGl_8pfyi9tYUkWwL4OtoDPEGdmzPFDBOJ4GNVtIWlrv7rHVV8_sGuxxtoK7OSpQDHMDBt_PG1XA1Nfl12k0u33t3zHPjw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 05 Apr 2023 13:44:46 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CA62
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELj76q6vU69ZwGZJWHMIcLc&google_cver=1&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647n...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647nT7DuwGw

170 B
232 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647nT7DuwGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIR_Wr6kG1ZKvrv-21zCVcnw_2iMrL4-NAM18Eu1jPICR4x2SIVt2AIc3rqyR2Xde3LzPms7o9t9-yYntHaqd8647nT7DuwGw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame CA62 43 B
350 B 66ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECMNrPzVNfBcsfYLjL1A77w&google_cver=1&google_push=Aer7DvLxLvlK2o_pNd45k-wFetXrmUMrYnwV2N1rEhCd0cgZjVN_S4BxvLFz5KWP_l7PByWZd5xjIu6Z7_8c_emBotn7u_SsYovu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: afhe770ovs3udc6ruulmtcsk101vfr10

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CA62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBdXwN3zBNv7KX2EUVVdXGM&google_cver=1&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_Df...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV1YtUi02VFBB&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_DfBlAPa2ul8OZf9pAEidOa26audjA

170 B
232 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV1YtUi02VFBB&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_DfBlAPa2ul8OZf9pAEidOa26audjA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFXV1YtUi02VFBB&google_push=Aer7DvItfFenrxkdhnMT01ZwuLdkXtOXM8Qn8XKFSZGGRXMPYMo9ADu6lBlaDw0seCtgmtnx_DfBlAPa2ul8OZf9pAEidOa26audjA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CA62
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_hm=ZC17T0MXCZwFt6DJ2cbr5QAAFFMAAAAB&google_nid=index&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rO...

170 B
232 B

50ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_hm=ZC17T0MXCZwFt6DJ2cbr5QAAFFMAAAAB&google_nid=index&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rOd1L5hBZnPxgISONQ9_aS_ZALNysDpbnTJxM0-QhMTp0qOfKFgv13WsT4e88YVC2Dw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 13:44:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJkT4yZcykGaYXA1CWRhDWA&google_hm=ZC17T0MXCZwFt6DJ2cbr5QAAFFMAAAAB&google_nid=index&google_push=Aer7DvLo8N44h5s5eYlRZt20UVk0L4D1l51rOd1L5hBZnPxgISONQ9_aS_ZALNysDpbnTJxM0-QhMTp0qOfKFgv13WsT4e88YVC2Dw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CA62 0
40 B 50ms
47ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrEFm9kfSoVcjob419nwGKRnlTgKKO5wLAqqEQ_jrO2ZJco1-FD5_cI7BwsUiljiOgWVtS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame DF67 29 KB
29 KB 38ms
37ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 143394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 21:54:53 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 98BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
136 B

68ms
67ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9195 1 KB
677 B 39ms
37ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Thu, 06 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F80D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d17b2f5363e8de10ec7005db66fbe46fccc61be7ada654311b4f86a0d9a2e59d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F80D 15 KB
16 KB 43ms
39ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 98017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F80D 15 KB
15 KB 47ms
43ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1033 0
0 83ms
83ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY5X0TnstZMSXIKLM1fAPjr2ykAHootr2bv7QuKeHEf_1kOPXAhABILuj4JgBYJWC-IGUB6ABjL_XwAHIAQGoAwHIA8MEqgSGAk_QdY6hx09WirCNuQu5hb1OctkfPUb6op-U5MrJ82ekhGgUQqXFgJfLuv03Lg7yZvk9QUGhCOajis3KLLBEwb_SXvqwTPN4thr-hd-m-K6z8OUk8Yezgu4lcGM9YuL9UNdXrk_3bsrSMy-Z7KQf3v99td0r_uEfog3UtTrapoC78Rr6wXLHwHF0OrvONOTlvcizVmZ8ldgQ-GwAQ3AewcjDQWHaiNfetXxgfmQVekMQha5cV-a1SnOI-hw3pdkOyXWZ4Bkj-uy4oIPl9bvbcKvRdU1vnRGbQR8Oe1dHiDC1Fu2g-2gs0Oq6HepnVRBSV1zHBbowD495y7Z0-f_7hHBSXKcv6p7ABN6bnY-jBJIFBAgEGAGSBQQIBRgEoAZmgAfcwKi_AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM2oCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTQ5MTgwNzIwNTcxODE3OTQYAA&sigh=KfRaslLpfnM&uach_m=[UACH]&cid=CAQSOwDUE5ymHVyxDE84ZB-_sLPRQtDHdHtcSfx3VpyLd-qyrfaEuWzdOfG-x2gZoc1Y7gSq5TbQm_vgP2LuGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7282 143 B
200 B 40ms
39ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7F36 1 KB
677 B 39ms
38ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Thu, 06 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1033 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01dc25f29bfc2cf3f2d33f049a6acbdfa4baa9552d3d0deb10b086a8ff237ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cver=1&google_push=Aer7DvLPmlLeFkXFeOIegO1FLM3JbBOrAy5y4v7-F_9uZeu...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cver=1&google_push=Aer7DvLPmlLeFkXFeOIegO1FLM3JbBOrAy5y4v7-F_9uZeuZNaipuBdMrGEThuB3EVCxTJpDGteTaEIkgABuofUXNpB-yyXpmE_msCg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 13:44:46 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-09a32cc2c473a3db5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHQzFvSpUHYlv3aogIx97Cs&google_cver=1&google_push=Aer7DvLPmlLeFkXFeOIegO1FLM3JbBOrAy5y4v7-F_9uZeuZNaipuBdMrGEThuB3EVCxTJpDGteTaEIkgABuofUXNpB-yyXpmE_msCg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG3U5sW8iAH4A-AzgDL47LY&google_cver=1&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1P0iVY-hH...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1P0iVY-hHVTfoTwU

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 05 Apr 2023 13:44:47 GMT
Server: MT3 776 936c8db master zrh-pixel-x24 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ChtkLXtQTACxed1El4EbHw&google_push=Aer7DvL7EWSlXYGHSKm_z4WoDG5-rbVRaVBmxZuX0RWRZpyoJsFHmMojV6xr2_boGNnLdgEaEqstNtCHa0Yw88X1P0iVY-hHVTfoTwU
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 05 Apr 2023 13:44:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC6ZLxgJrK-7d-hqPkA1AA0&google_cver=1&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8BIbBVxAViZ9u_FhkI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8B...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8BIbBVxAViZ9u_FhkI

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Apr 2023 13:44:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvL9aPVw7mAU8K4mkJFlSswCAxjg9jAU76LDbwhsmitXOzv5ulta5I57YxiOTClK77L7auKTb3iYM-W-u8BIbBVxAViZ9u_FhkI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Apr 2023 13:44:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDhBY_iqOtYmLHuPSrNaENQ&google_cver=1&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GhA5z8E9TfujIrq2_8zsKg2&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0wjTY5TAovio8Jg

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GhA5z8E9TfujIrq2_8zsKg2&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0wjTY5TAovio8Jg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Apr 2023 13:44:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GhA5z8E9TfujIrq2_8zsKg2&google_push=Aer7DvJI1CbomTDSBy9o7aQVlNFQdLZiAGKmSiawWw6IaWGzVUYvlvaRF4J_3hjbtCD5Mo9QH0mWbIbYLCVSi8o0wjTY5TAovio8Jg
x-host: tde-deliveryengine-production-86c874c4d8-vxzw8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIL9vid2I8aaSsxZNuw5_0Q&google_cver=1&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFYMEktUy1KVDZX&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQcuYHxY-4aArXJDV3HZOyplAE0Mdc

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFYMEktUy1KVDZX&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQcuYHxY-4aArXJDV3HZOyplAE0Mdc

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczUVFYMEktUy1KVDZX&google_push=Aer7DvIn3VexHC-OsBwTsv5cHdxqhcFDUlFjYRKG2gsxdwnoLDv4UaZd9Gq1s2dWKZIT21JDJoQcuYHxY-4aArXJDV3HZOyplAE0Mdc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9195
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHAxWIe2nxOF3vo0x4QpsP8&google_cver=1&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-iY6SpIAIgZMn4XOE_ds

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-iY6SpIAIgZMn4XOE_ds

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKdnAgUxS_dWgDIfy6TBr6OCOWHHMbxpNVdI81-uO7ZndzkM8RtKpqKrpJQUQ7IA3_pFPm3-pfAnXE-iY6SpIAIgZMn4XOE_ds
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 9195
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGP7sJ_-fHJmZkOXYTc6mU0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvILuhH3ROD1nF5l-ktQdkrCXQcougYAV_46uk18WOPDe3I1TFqj6v43UbtYqkJ7QOMjgbzHdXT5OEVveKdJyUpwxx_ff_cJSEFx
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

43ms
42ms

Image
image/gif

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 13:44:48 GMT
pragma: no-cache
date: Wed, 05 Apr 2023 13:44:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9195 0
12 B 51ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBl6VW6dwRuRvKGMDwut5h-DJ7wvpqnP_-_uUrKhffW4SCcv1oK9xOWuPp5bi4PxWceYhTpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame DA10 36 KB
14 KB 38ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=3158154027&pi=t.aa~a.509917982~i.9~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0&nras=2&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GNY5tnzbhQ&p=https%3A//securityaffairs.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1033 29 KB
29 KB 38ms
37ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 143394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 21:54:53 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7F36 35 B
465 B 351ms
8ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBA55RvaGP9suVoIAX5QJMM&google_cver=1&google_push=Aer7DvK0qADV20R-XSlR9XCzy1Ui3qjN_8CaETwFFGhwflSjbrNSJcHPxH-r0XhBx6PysHAOXsgz2puECgvDtFpH3y_bM1vPCEAQwQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7F36 0
103 B 241ms
28ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEB2Ookfdl33NqQ609grMVQc&google_cver=1&google_push=Aer7DvLszw9VWqk6of9iq8tKxyyooLoQTogVomOhmhP8Yz-AZjO_QOs0dK9qne83JxOGGRiYO-t-sTdyDZiW09d3RQT6XeTjB8EBKzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F36
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cver=1&google_push=Aer7DvLZeKk8458VTUWtPK32RDIGUc0-Tan4t9hMhQjTcUJ...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cver=1&google_push=Aer7DvLZeKk8458VTUWtPK32RDIGUc0-Tan4t9hMhQjTcUJPyKzpYtS4_UMiKaPKMjTTKgEn9CdHIkh5Ji2GzHObgUfXvEhrPqkYurk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 13:44:47 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0FpRmVmdXYxUEszcnA1&google_gid=CAESEHZhOw2Z9lUMQMzpaxmEpeM&google_cver=1&google_push=Aer7DvLZeKk8458VTUWtPK32RDIGUc0-Tan4t9hMhQjTcUJPyKzpYtS4_UMiKaPKMjTTKgEn9CdHIkh5Ji2GzHObgUfXvEhrPqkYurk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F36
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGlMD6Z6yTC0VZFdeaxwZ1U&google_cver=1&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5rueUgyS8tpy1i0A
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5rueUgyS8tpy1i0A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Apr 2023 13:44:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5DAE8AD4210A4054BAA17E31665E9D06&google_push=Aer7DvJmNj5SS5clBvGlkk-2Pf1ChdxKA_aKcGvOPnrY-d7lfPhPXspKMmeUSHRdJCmakqhtGhXu30Qgmz01ns5rueUgyS8tpy1i0A
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Apr 2023 13:44:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F36
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGwFR80Rzh9EDlgULaB9pNA&google_cver=1&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpcaaZ850_FQaPrNhhQYp48&google_hm=Y0dw6KkKSISpuw7Oj...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpcaaZ850_FQaPrNhhQYp48&google_hm=Y0dw6KkKSISpuw7Oj7TVj64

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIV7oBm2KAM9xVevlg1P30tPx1yaql516vIwLTXCLkFK0HDodo89cv2lfbFt_KGRgxb2WKbId-MVpcaaZ850_FQaPrNhhQYp48&google_hm=Y0dw6KkKSISpuw7Oj7TVj64
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F36
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOonj2hbr8xlvl3-abyl9ZQ&google_cver=1&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67Nygcoj...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxODU2MTM2MTI3NTcxMzY3OQ%3D%3D&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67NygcojvRVL...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxODU2MTM2MTI3NTcxMzY3OQ%3D%3D&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67NygcojvRVLwT54dUBsrkkBM

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxODU2MTM2MTI3NTcxMzY3OQ%3D%3D&google_push=Aer7DvKdpWyC30izYY5bGh8j9B3YG0QsG6cUt6Kl2WHWnYO_HdOBRyPSTpVYHoWAtQRuHhRFondgeN67NygcojvRVLwT54dUBsrkkBM
Date: Wed, 05 Apr 2023 13:44:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F36
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIYmEVJ0u02DcO-s2syaGbRNgkD8T_mjW-JLw2qAq_KQnzU_eW6YFRoIPcFWD5ZLu1Val7L6rMssCwxS0jxpgp-Lx3WxqVXIXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NHQ_-sFSRgSRC5h-gNfjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIYmEVJ0u02DcO-s2syaGbRNgkD8T_mjW-JLw2qAq_KQnzU_eW6YFRoIPcFWD5ZLu1Val7L6rMssCwxS0jxpgp-Lx3WxqVXIXQ
date: Wed, 05 Apr 2023 13:44:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7F36 0
12 B 48ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kpt3T1AhN5yhgm1lUlcFVG_jbig6yK5GCnJgS3xgUu1ya9e3_3cDPuho_edxO1SZbe9yI9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A8B 36 KB
14 KB 38ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2636710437&pi=t.aa~a.509917982~i.23~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=1&bdt=2227&idt=1&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280%2C630x280%2C630x280&nras=5&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=q0stiMDhL7&p=https%3A//securityaffairs.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7282
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

46ms
46ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
expires: Wed, 05 Apr 2023 13:44:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 403B 36 KB
14 KB 42ms
42ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=2279221826&pi=t.aa~a.509917982~i.13~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1680702286&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F144446%2Fcyber-crime%2Fstyx-marketplace-dark-web.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680702286464&bpp=2&bdt=2227&idt=-M&shv=r20230404&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29cd5c18c6bcc96c-22d6b2ed7edd00e0%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w&gpic=UID%3D00000bd0ceacd4fd%3AT%3D1680702285%3ART%3D1680702285%3AS%3DALNI_MYtr88HcwMPnotDx0Grt78E4OPCag&prev_fmts=0x0%2C630x280&nras=3&correlator=6741870590067&frm=20&pv=1&ga_vid=2054562493.1680702285&ga_sid=1680702286&ga_hid=1138321176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C44788218%2C31073580&oid=2&pvsid=2539065617943386&tmod=1292189885&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3O2rqljH4g&p=https%3A//securityaffairs.com&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28D4 13 KB
5 KB 39ms
38ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:27:18 GMT
expires: Thu, 04 Apr 2024 13:27:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EADB 783 B
968 B 47ms
47ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

a8d60754801b4233c71e9b9ebb7635fa6927dc5fef5d43265dbff3054094e3ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zyZIhGlDhaV71eMiSmqDWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zyZIhGlDhaV71eMiSmqDWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:44:48 GMT
expires: Wed, 05 Apr 2023 13:44:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EADB 0
0 72ms
71ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230404&jk=2539065617943386&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 28D4 36 KB
14 KB 38ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:21:30 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 28D4 0
40 B 35ms
35ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WhP9zw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:44:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230404&jk=2539065617943386&bg=!DQ6lDlrNAAYIJb0jKCU7ADkAdvg8WsI1mnxx-VErT0Gft6lEdMN2GmVT3jISy36YX4EUGYAUMBfEiF4RH_hciIZ5jTUeXzjX0mUCAAAAV1IAAAADaAEHmQKh6ycrV6l_lYcHGdD3gL1m4rVRssIxS9xXFqViT6WZC2RvBDLwSm6xPV2ksDUMnoBxpEw3KM-ytDSx6D-KMVMc9YG5iTAPBiyuloUPm-ffad9vkizX9OPMYoKdIaeAhXeiURjVhQg9y0vPA1Kc3-ihsKkt_Tg1X3CHLVxGEPtgrVDANWcq5uH6Atd8_EMdwTJMMMGHnEbK1buZAzRXJRt0J5NZkRB9IdwmGb213563k8ZT4pqMxeN6Zb9B64IdNIbnLhSgHbJd-iSbPXfxS-2K-hYwtGnPvdfcoScCHYbKlpXyTjem29M3RKw35aiybrMd3ee_5Ykk9rpgdkPgSiBntnHGj1zbjlpM68WiT-monT_V0jgPyC3jZ1HlE0Oq3TXYWAO0F_gVr8xxhxB2NfGgDWS9xM2bmdekpX2b5nEjkE4UMDrVTs-F5IqT0rpLfPEohd1NdS199G9_w5Uqpt6CZm_MoStUSXYo0Gnogz5BzMMvIhLYfNqi-hKUj2k5BPpzLWDjjYLswziIC631Vko1VpqyFVotNy5ekwKgbOAuXmS6qTW7zJ6IzhzUqm8nmXw6tLeGfH3TsKQtOruQ9a_cvV3ogBO9kxo9Va6TYd39Fgip3as1wksUvoTOS9dR5mEYPzDeGy13eAqFeFYzsyN-3Gk7t4p82JPFfr0fJE3Pd9BJHnAh2SZeUBfu9VWXCRRsyc4KRV0Mz8BrouG07rjjK5OfXmIpw94B3qDYfviX40Ki4o0vU8i4_0LpsWldYz57X1JVx-V-Tyh4a6t8ogwSkfcoAKmaBNUyRBsisPz3mcQylK2ETGZJddc5k-BzJfzWsRuYJpjTxfLTqKy5QRj7HyBMpUTzgmzKJgMKrnaBQBnsKTvJPZmaBUy8QLspt9SNuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
securityaffairs.com/	1970-01-20 19:37:18	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.com/	1970-01-20 19:37:18	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.com/	1970-01-20 20:27:42	Name: _ga_NPN4VEKBTY Value: GS1.1.1680702285.1.0.1680702285.60.0.0
.securityaffairs.com/	1970-01-20 20:27:42	Name: _ga Value: GA1.1.2054562493.1680702285
.securityaffairs.com/	1970-01-20 20:27:42	Name: _ga_P62M3QN974 Value: GS1.1.1680702285.1.0.1680702285.0.0.0
.securityaffairs.com/	1970-01-20 20:13:18	Name: __gads Value: ID=29cd5c18c6bcc96c-22d6b2ed7edd00e0:T=1680702285:RT=1680702285:S=ALNI_MYsgKS6ElORG-uO3hqJ6Es_QPkI-w
.securityaffairs.com/	1970-01-20 20:13:18	Name: __gpi Value: UID=00000bd0ceacd4fd:T=1680702285:RT=1680702285:S=ALNI_MYtr88HcwMPnotDx0Grt78E4OPCag
.mathtag.com/	1970-01-20 20:17:37	Name: uuid Value: 0a1b642d-7b50-4c00-b179-dd4497811b1f
.mathtag.com/	1970-01-20 11:34:54	Name: mt_mop Value: 4:1680702288
.simpli.fi/	1970-01-20 19:38:44	Name: suid Value: 5DAE8AD4210A4054BAA17E31665E9D06
.doubleclick.net/	1970-01-20 20:13:18	Name: IDE Value: AHWqTUlqjXY95M9Rpkn1jPTfNohO7AG72sgNRoc0gXfNbVVU4In5I0WHtRC6zS6-q7g
.pubmatic.com/	1970-01-20 10:53:08	Name: KTPCACOOKIE Value: YES
.de17a.com/	1970-01-20 19:30:06	Name: guid Value: 1.7165586809459835396
.pubmatic.com/	1970-01-20 19:37:18	Name: KADUSERCOOKIE Value: 34743FFA-C152-4604-910B-987E80D7E34D
.casalemedia.com/	1970-01-20 19:37:18	Name: CMID Value: ZC17T0MXCZwFt6DJ2cbr5QAA
.casalemedia.com/	1970-01-20 13:01:18	Name: CMPS Value: 5203
.casalemedia.com/	1970-01-20 13:01:18	Name: CMPRO Value: 5203
.w55c.net/	1970-01-20 20:21:56	Name: wfivefivec Value: SAiFefuv1PK3rp5
.w55c.net/	1970-01-20 11:34:54	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 10:51:45	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-20 20:21:56	Name: _tracker Value: %7B%22UUID%22%3A%221A1039CF-C13D-4DFB-A322-BAB6FFCCEC2A%22%7D
.ctnsnet.com/	1970-01-20 19:37:18	Name: cid_634770e8a90a4884a9bb0ece8fb4d58f Value: 1
.ctnsnet.com/	1970-01-20 19:37:18	Name: gid_CAESEGwFR80Rzh9EDlgULaB9pNA Value: 1
.adfarm1.adition.com/	1970-01-20 13:01:18	Name: UserID1 Value: 7218561361275713679
.quantserve.com/	1970-01-20 13:01:18	Name: d Value: EGcBCQHXKIEA
.quantserve.com/	1970-01-20 20:21:56	Name: mc Value: 642d7b50-2bafd-6c77f-d849e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i0.wp.com
image6.pubmatic.com
l.sharethis.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
secure.gravatar.com
securityaffairs.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.51
142.250.110.157
142.250.181.234
142.250.184.200
142.250.185.130
142.250.185.163
142.250.185.194
142.250.185.227
142.250.186.129
142.250.186.130
142.250.186.162
142.250.186.68
142.250.186.98
172.67.140.211
18.197.15.234
18.66.97.22
185.29.132.241
185.80.39.216
192.0.73.2
192.0.76.3
192.0.77.2
198.47.127.19
2.18.232.7
213.155.156.181
216.239.32.36
3.122.91.229
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
35.71.131.137
51.89.9.251
64.158.223.140
69.173.144.139
85.114.159.93
91.228.74.200
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
14144577eb006475ba32d58e77765abd276e69ec6afb6af09b43dc2e3a73dce9
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
21a55f6360b415a54742dcba0d6e592a9f977c62b3365d7592c71b36fa5de507
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2b5c72d84007bde5bb376aaf0ffe55a3ac9e482e495a80b2a043d220a9fe7e1f
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2f594c614f282b4aa13357496d01e5ad7bf60b270e0786cae089bbbfb4b97f5c
30c0577f6e4187a8f7f0ebcc8217f444f3673cdcaa8d73e4f78eb3edb73eda3f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
363f3c71048fb7fa5a1e6a081e65db91a4856ad52113fe5e836b8b57310e0bff
371398f72fb82eeae9da53fc4b6075527a5de069e3f049137c14c47735b73673
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4c69e71b85857edb772adbe3f0aade5e2eac44636e864c8790a249f67e310b16
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5041a74033d8d1ffc71c7c1aaab8dc8580684f724d663b746b3149282f4d42f8
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d7fe6ae9ca7454df11e84f3de9201cf03ed489b19a3ac0f34088844909932e
696ba92e789802d7f0f9be9df74e4e93fca67e1770aba35d0eb58d2455a9809a
6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656
6d3d3a541bc0b925b0cd1390372947855d0b41080d3cebf5f96dce590c3681f2
6e218b67b309be2daf9f8c42282697b8b976edcb03ad318e7b66208d07f0bbb6
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84a23b81464d371bac4b58e87c5afff43b6a552577271e1c25c662f0ba323900
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9fef34520e16a5c7da6ed4d535599528224eeef1acbe9c2362b91ab783894b45
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a104d474af141657b1e92c0ea5bbc21fbfd4a7ae0e6aacdb17bca7451c4da019
a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a6ff23c555ff2ff67a567fe716c5e0b5c932c923cb2a08e05fed61a391119f39
a8d60754801b4233c71e9b9ebb7635fa6927dc5fef5d43265dbff3054094e3ce
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
bfd2999b939b873bc56701041dc14cf3edcc2cb6850e19b8edd800024ede79c8
c206ba705dc1194f5c4b52e976cecd3937f08d46de7359cb9025cfee177b292a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6cefdb18a8ea5c646d44afca4095958583d04d51b4f10c03a18643f48e7c2a2
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cd7df7bb85be50dc914d0b3e3ea45223e2c01baf6df605f37f98727c2aa247e3
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d17b2f5363e8de10ec7005db66fbe46fccc61be7ada654311b4f86a0d9a2e59d
d2f9e27942c2f7c73121bf086987c33c91fd076f08ecbd549c2c02646e8324fa
d3f4f5a6502cb7cdc7de32826b5226798d070048561a6af0966f42ccc7019833
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
dd35363d56e4fc8e946c08ab06bc2ef1345c022893649ea5c086b9b275504b3a
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea89dfb7600e669172bb721c781928b72c8110bfaddc9f125abd0ed3725173f0
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01dc25f29bfc2cf3f2d33f049a6acbdfa4baa9552d3d0deb10b086a8ff237ff
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fea9c7d90befbbba192c55399f896d6609182b9154b43bf8f35b72df4b47d70d

securityaffairs.com Open in urlscan Pro 172.67.140.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

217 Requests

89 %HTTPS

0 %IPv6

30 Domains

41 Subdomains

26 IPs

6 Countries

3777 kBTransfer

7177 kBSize

26 Cookies

18 Outgoing links

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityaffairs.com Open in urlscan Pro
172.67.140.211 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

89 %
HTTPS

0 %
IPv6

30
Domains

41
Subdomains

26
IPs

6
Countries

3777 kB
Transfer

7177 kB
Size

26
Cookies

217 HTTP transactions
7 data transactions