urlscan.io logo urlscan.io
SecurityTrails logo

www.xatakawindows.com Open in urlscan Pro
18.66.122.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/umLleSIVqk
Effective URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10...
Submission: On November 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 8 countries across 39 domains to perform 122 HTTP transactions. The main IP is 18.66.122.122, located in United States and belongs to AMAZON-02, US. The main domain is www.xatakawindows.com.
TLS certificate: Issued by Amazon on August 4th 2021. Valid for: a year.
This is the only time www.xatakawindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 1 44.239.146.245 16509 (AMAZON-02)
1 18.66.122.122 16509 (AMAZON-02)
16 13.32.99.58 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
5 143.204.98.100 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 89.187.169.47 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
18 178.79.242.16 22822 (LLNW)
4 2a00:1450:400... 15169 (GOOGLE)
4 13.32.121.71 16509 (AMAZON-02)
1 188.65.124.90 41690 (DAILYMOTI...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.19.133.78 13335 (CLOUDFLAR...)
3 104.19.136.78 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.19.134.78 13335 (CLOUDFLAR...)
6 188.65.124.59 41690 (DAILYMOTI...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.91 41690 (DAILYMOTI...)
12 104.19.132.78 13335 (CLOUDFLAR...)
1 3 13.32.99.23 16509 (AMAZON-02)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 1 104.92.74.8 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 5 18.194.4.47 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 52.223.40.198 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.139.104 201081 (SMARTADSE...)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 142.250.185.66 15169 (GOOGLE)
2 2 52.211.218.251 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.38 41690 (DAILYMOTI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
122 43
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    44.239.146.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-146-245.us-west-2.compute.amazonaws.com
dlvr.it
1    18.66.122.122 (United States)

ASN16509 (AMAZON-02, US)
www.xatakawindows.com
16    13.32.99.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-58.fra60.r.cloudfront.net
img.weblogssl.com
3    2600:9000:223f:800:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
5    143.204.98.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-100.fra50.r.cloudfront.net
i.blogs.es
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
2    2606:4700:3033::ac43:90dd (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adgage.es
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.insurads.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:2156:7400:16:9f91:2d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
recommendations.weblogssl.com
18    178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
api.dmcdn.net
static1.dmcdn.net
vendorlist.dmcdn.net
s1.dmcdn.net
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    13.32.121.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-71.fra60.r.cloudfront.net
ab.blogs.es
1    188.65.124.90 (L'Haÿ-les-Roses, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
www.dailymotion.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
cm.mgid.com
3    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.mgid.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
6    188.65.124.59 (L'Haÿ-les-Roses, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    188.65.124.91 (L'Haÿ-les-Roses, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
12    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
cm.mgid.com
3    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
5    18.194.4.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    52.211.218.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    188.65.124.38 (L'Haÿ-les-Roses, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: icscale-01-pub-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
19 mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
113 KB
18 dmcdn.net
api.dmcdn.net
static1.dmcdn.net
vendorlist.dmcdn.net
s1.dmcdn.net
630 KB
18 weblogssl.com
img.weblogssl.com
recommendations.weblogssl.com
607 KB
9 blogs.es
i.blogs.es
ab.blogs.es
78 KB
6 dm-event.net
pebed.dm-event.net
1 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
11 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
65 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
438 KB
4 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
1 KB
4 google-analytics.com
www.google-analytics.com
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 dailymotion.com
www.dailymotion.com
speedtest.dailymotion.com
dmxleo.dailymotion.com
25 KB
3 privacy-center.org
sdk.privacy-center.org
142 KB
2 360yield.com
ad.360yield.com
613 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 creativecdn.com
creativecdn.com
687 B
2 volvelle.tech
a.volvelle.tech
1 KB
2 adsrvr.org
match.adsrvr.org
906 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
757 B
2 google.de
www.google.de
608 B
2 google.com
www.google.com
608 B
2 facebook.com
www.facebook.com
graph.facebook.com
599 B
2 facebook.net
connect.facebook.net
83 KB
2 adgage.es
jsc.adgage.es
67 KB
1 googlesyndication.com
pagead2.googlesyndication.com
13 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 smartadserver.com
ssbsync.smartadserver.com
347 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 pubmatic.com
simage2.pubmatic.com
490 B
1 zeotap.com
mwzeom.zeotap.com
460 B
1 lentainform.com
cm.lentainform.com
495 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
889 B
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 insurads.com
cdn.insurads.com
3 KB
1 gravatar.com
www.gravatar.com
3 KB
1 xatakawindows.com
www.xatakawindows.com
28 KB
1 dlvr.it
dlvr.it
597 B
1 t.co
t.co
679 B
122 39
Domain Requested by
16 img.weblogssl.com www.xatakawindows.com
img.weblogssl.com
15 static1.dmcdn.net www.dailymotion.com
static1.dmcdn.net
8 cm.mgid.com jsc.adgage.es
www.xatakawindows.com
6 s-img.mgid.com www.xatakawindows.com
6 pebed.dm-event.net www.dailymotion.com
static1.dmcdn.net
5 x.bidswitch.net 5 redirects
5 i.blogs.es www.xatakawindows.com
4 ab.blogs.es www.xatakawindows.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.xatakawindows.com
3 sb.scorecardresearch.com 1 redirects jsc.adgage.es
www.xatakawindows.com
3 imasdk.googleapis.com www.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.mgid.com www.xatakawindows.com
3 sdk.privacy-center.org www.xatakawindows.com
sdk.privacy-center.org
2 ad.360yield.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 sync.e-volution.ai 2 redirects
2 creativecdn.com 2 redirects
2 a.volvelle.tech 2 redirects
2 match.adsrvr.org 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 www.gstatic.com static1.dmcdn.net
www.gstatic.com
2 fonts.googleapis.com client
2 www.google.de www.xatakawindows.com
2 www.google.com www.xatakawindows.com
2 stats.g.doubleclick.net www.google-analytics.com
2 recommendations.weblogssl.com img.weblogssl.com
2 connect.facebook.net img.weblogssl.com
connect.facebook.net
2 jsc.adgage.es www.xatakawindows.com
jsc.adgage.es
1 token.rubiconproject.com www.xatakawindows.com
1 pagead2.googlesyndication.com srcdoc
1 s1.dmcdn.net www.dailymotion.com
1 dmxleo.dailymotion.com static1.dmcdn.net
1 s0.2mdn.net imasdk.googleapis.com
1 pixel.rubiconproject.com www.xatakawindows.com
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io www.xatakawindows.com
1 simage2.pubmatic.com www.xatakawindows.com
1 mwzeom.zeotap.com www.xatakawindows.com
1 cm.lentainform.com www.xatakawindows.com
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 speedtest.dailymotion.com static1.dmcdn.net
1 vendorlist.dmcdn.net static1.dmcdn.net
1 servicer.mgid.com jsc.adgage.es
1 c.mgid.com jsc.adgage.es
1 graph.facebook.com connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.dailymotion.com api.dmcdn.net
1 api.dmcdn.net img.weblogssl.com
1 www.googletagmanager.com img.weblogssl.com
1 cdn.insurads.com img.weblogssl.com
1 www.gravatar.com www.xatakawindows.com
1 www.xatakawindows.com t.co
1 dlvr.it 1 redirects
1 t.co
0 sync.adtelligent.com Failed s.adtelligent.com
122 58
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.3djuegospc.com
Amazon		 2021-08-04 -
2022-09-02		 a year crt.sh
weblogssl.com
Amazon		 2021-07-16 -
2022-08-14		 a year crt.sh
*.privacy-center.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.blogs.es
Amazon		 2021-02-05 -
2022-03-06		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2021-04-05 -
2022-05-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
www.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-11 -
2022-01-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2021-10-15 -
2022-01-13		 3 months crt.sh
speedtest.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-25 -
2022-01-23		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Frame ID: AFB76D515EE5B93B9D46B3FFB6EE09FD
Requests: 82 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Frame ID: 17A75C246E1EB6377D52B7C89AC41817
Requests: 26 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4A9E507736539D52C65A5EF5344125F6
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1637672451366283961853
Frame ID: 2BA4F138A54373F47DA8D03BEC5DF01B
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: EF5BD9B124CA4C7F676B8B121C5C6088
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 705AEDD448E237B32C8455A197208DA1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: D53546F5462A4A2B317928A9F081A17E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 81E8EA88FE0ADB33DF68474E9CF7BFDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Descubren un exploit zero day permite adquirir privilegios de administrador en equipos con Windows 10, 11 y Windows Server

Page URL History Show full URLs

  1. https://t.co/umLleSIVqk Page URL
  2. http://dlvr.it/SD1xbw HTTP 301
    https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrado... Page URL

Page Statistics

122
Requests

91 %
HTTPS

38 %
IPv6

39
Domains

58
Subdomains

43
IPs

8
Countries

2391 kB
Transfer

7930 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/umLleSIVqk Page URL
  2. http://dlvr.it/SD1xbw HTTP 301
    https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 94
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lanPhliI3S05 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lanPhliI3S05 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 95
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=4bcd2627-97d9-4bc0-af50-d7bf8e2806c4
Request Chain 96
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=8c54de3d-f0a7-4b1c-b73e-82d37f14486c&ttl=1640264451
Request Chain 97
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=185491db-7c60-464b-a6e2-c241fa773783 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=185491db-7c60-464b-a6e2-c241fa773783 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=768ba1bd-5e8c-4493-acb5-37ca2023958e&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&us_privacy=
Request Chain 99
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=hci5FzVGL4OBM7tRKRIq&pi=mgid&tc=1
Request Chain 100
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lanPhliI3S05 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3199400789214203049&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFuUGhsaUkzUzA1&muidn=lanPhliI3S05 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFuUGhsaUkzUzA1&muidn=lanPhliI3S05&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=lanPhliI3S05&google_ula={guid},5&google_gid=CAESEJAuHlexZ05E0bPn3vHkj0Y&google_cver=1
Request Chain 102
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=671dbddc-811d-4fd8-84b1-2b61133965c9
Request Chain 109
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&c7=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2FumLleSIVqk HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&c7=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2FumLleSIVqk

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
umLleSIVqk
t.co/ 		257 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/umLleSIVqk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 23 Nov 2021 13:00:47 GMT
vary
Origin
server
tsa_o
expires
Tue, 23 Nov 2021 13:05:48 GMT
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
192
referrer-policy
unsafe-url
content-encoding
gzip
x-xss-protection
0
content-security-policy
referrer always;
strict-transport-security
max-age=0
x-response-time
122
x-connection-hash
de7cd963fc300eb82f5f3152ae6f555843999a5edae10c70f25375148a67ead0
Primary Request descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server
www.xatakawindows.com/windows/
Redirect Chain
  • http://dlvr.it/SD1xbw
  • https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
109 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Requested by
Host: t.co
URL: https://t.co/umLleSIVqk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2132b2923a2e407b33c52bcbf6b46ed01e9aef7ba5fb55f5d662b5883a038bd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/umLleSIVqk

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 23 Nov 2021 13:00:49 GMT
cache-control
no-cache, private
surrogate-control
content="ESI/1.0"
vary
Accept-Encoding
content-encoding
gzip
x-clientip
91.199.118.75
countrycode
DE
accept-ranges
bytes
x-cache
Miss from cloudfront
via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
TuYRyE9fy9AnTSQbpVh6zAHTufg2g7Hv3Z-DRQW2tQB5u9xQOEDdZA==

Redirect headers

Date
Tue, 23 Nov 2021 13:00:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Cache-Control
private; max-age=90
X-Backend-Server
web03.web
prebid-gdpr-v3.27.1.js
img.weblogssl.com/LPbackend/vendor/ 		244 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/LPbackend/vendor/prebid-gdpr-v3.27.1.js?v=d7e0b6a9
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ec2af53a572ffb9f32f4994e17fc718a3a49d4994895bbb2103fc6e2352350b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:41:38 GMT
content-encoding
gzip
last-modified
Tue, 11 May 2021 13:27:46 GMT
server
AmazonS3
age
1200
etag
W/"6045c1a4d3f6dd9eb814da5c69f7e41d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=32000000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
kSJ6GW3hsEIt8qceG_0ujT02NAr2IzDzLFjY3xcUF_TPfoxJpcYTUw==
loader.js
sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/loader.js?target=www.xatakawindows.com
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1f184106cb241c81fd6a5a0732d5cb58a6176f1fd3a357367be6e74ae1a923c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:00:37 GMT
content-encoding
gzip
server
CloudFront
age
3612
etag
"e106e6589f166781cd2ebedbbecba076"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
x-amz-cf-pop
FRA56-P5
content-length
4376
x-amz-cf-id
z3XIAOxIb0n0ij_x_ZlArd8FZQTXLS5mIQFl_RRyzTRtBD0cKs8C8w==
main.css
img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/ 		1 MB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f9e8fecd070651d2be12dbfc08a79e892fff2aae9c02d78a6a272c154e9bb7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 09:43:47 GMT
server
AmazonS3
age
11273
etag
W/"93b4cb3f7cb7c1881cec9509f4d28025"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=30000000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
aXBZtce3eEv7vH7_aDReVueHzHU0Bg4amycZrpZhQE-jHZuyV7N-MQ==
1366_2000.jpeg
i.blogs.es/b1ee09/windows/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.blogs.es/b1ee09/windows/1366_2000.jpeg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-100.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d97bebc46af271729deb9a0ec7dbee2d39fafbf4b4e71242212322f74810de6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 07:35:02 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 07:27:22 GMT
server
AmazonS3
age
19548
etag
"42ca4630928378c3e7a8531de7a060cb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
41921
x-amz-cf-id
yoYnsgSs09t6SvxS7gAQiHv5DsZ-xpvmSzc30CXoBRHFMKraA_L6sQ==
1ac43caedfc8f5972ea88ec15909aaa8
www.gravatar.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/1ac43caedfc8f5972ea88ec15909aaa8?s=80&d=mm&r=g
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4ecae1d3c9a744542f9c0a0fdc1b3fc0db9e64a4287851d1584dbda7444ad5e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 23 Nov 2021 13:00:49 GMT
last-modified
Wed, 08 Nov 2017 20:10:05 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1ac43caedfc8f5972ea88ec15909aaa8.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1ac43caedfc8f5972ea88ec15909aaa8?s=80&d=mm&r=g>; rel="canonical"
content-length
2548
expires
Tue, 23 Nov 2021 13:05:49 GMT
375_142.jpg
i.blogs.es/5f4a14/seguridad/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.blogs.es/5f4a14/seguridad/375_142.jpg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-100.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
327706b78f47df169247915858cb6e5399a340c7aceeb141b1c9b49f96c47c4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 15:10:46 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 18 Dec 2019 09:03:12 GMT
server
AmazonS3
age
1806604
etag
"8a97f878249437c582302a386537e4b3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10674
x-amz-cf-id
eT-euaK7sfqSNgav1AZBJKA_66YXzbQVaIeontX8GKy56bX9hiS18g==
xatakawindows.com.1056117.js
jsc.adgage.es/x/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adgage.es/x/a/xatakawindows.com.1056117.js
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:90dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e70ed354da0f691d7ffa1938ef2f32be82814beb2f499f222189775c3b3fd52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7899391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
C8ZRTZ1GB1HPEX14
x-amz-id-2
Bb66j9VA0Cv+AfNm0UH4dM5Ukf6VsEKwlgDj0IBuWtKr8kthk9q7hYaf9wN7KusFoVljpJhatNw=
last-modified
Wed, 11 Aug 2021 12:50:23 GMT
server
cloudflare
etag
W/"7083128adca544952c0135b9f81c8194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qcBmb17yYrwMf42M%2FpuKBwvg9dR7KWIDgmYGLDzvba3TWBvL6MmdLjsrEcqa9yVfRpbSG336%2BWtiJMiQBNGwBmSfqUd5u%2FrTaAnzhJZhmyu%2FRgOVBpEj4N50oGSUaXpfAOgA4sUmsnZ%2Fzmb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
6b2a95293b9042cf-FRA
postpage-d7e0b6a9.js
img.weblogssl.com/LPbackend/prod/v2/js/ 		873 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0412bdf0994ae0f02005f0e697046554e6b8ad5b7c248788119432e82bd62886

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:43:10 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 08:15:41 GMT
server
AmazonS3
age
1472
etag
W/"3c46d8c93a9dd70ee59afb42c485fd99"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
RGJONzV1trz8jLLfq1hrLA1VCfLzZRfVOhSRbs7vvoTDPs0iEFZldg==
sdk.a9af5009056768582a8a2a781dccef82bece93b3.js
sdk.privacy-center.org/ 		379 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk.a9af5009056768582a8a2a781dccef82bece93b3.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/loader.js?target=www.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6aa7e388e60e87ffc467f88d6aaf9de34d94f380e77fc9215f336bf149193d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 09:23:19 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 09:19:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1637572525/ctime:1637572525/gid:0/gname:root/md5:00d350acec7a1f3f302dd46a9d15c5cb/mode:33188/mtime:1637572525/uid:0/uname:root
age
99451
etag
W/"00d350acec7a1f3f302dd46a9d15c5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
VPGfqD58SGsGPoIheX8pWG42COXZL4f-NQzeEzWbcHYNoJBzzsbKww==
ui-gdpr-en.a9af5009056768582a8a2a781dccef82bece93b3.js
sdk.privacy-center.org/ 		257 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.a9af5009056768582a8a2a781dccef82bece93b3.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.a9af5009056768582a8a2a781dccef82bece93b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f840b447d196df7f66b1b3afa4ac0606c8540f6a7f1b61657d7068acb00ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 09:23:21 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 09:19:23 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1637572525/ctime:1637572525/gid:0/gname:root/md5:b9e5b09f6ff5f8669c62dba7eee9d2b2/mode:33188/mtime:1637572525/uid:0/uname:root
age
99449
etag
W/"b9e5b09f6ff5f8669c62dba7eee9d2b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
OVpTOiifbYLP3UuOoM_xpnecxtdlQtFeairJr-mdVx1QT1Hpc3dNMQ==
xatakawindows-logo-canvas_dark.png
img.weblogssl.com/g/brands/logos/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.weblogssl.com/g/brands/logos/xatakawindows-logo-canvas_dark.png
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1328ab12a3de9598acbb34bdea9b0a37f6e6d0bb17907c996e8469a9928bb09c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 05:53:59 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 12:36:02 GMT
server
AmazonS3
age
9356811
etag
"b31ff5cc90e1c4d3399cb96a6f7c8a87"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
10458
x-amz-cf-id
VnAAonh26yNNuIe6gKdEHhNdENLRdS7Yjwpq_wUb3M_uAuvFFjp7JQ==
xatakawindows.com.1056117.es6.js
jsc.adgage.es/x/a/ 		242 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:90dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12dfee04f8619f01038738190ec3d37b695c002a01581275fc6b75e87282f4fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7899391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
G1VY1GZXK4QG5HSV
x-amz-id-2
QemnEI+hWjbsL3CQL4QHInc69Phv37+0oR2ewkeIus1ZOLpC4Cl8u3uzI0fvdyh/6NjQ2Pg2T5U=
last-modified
Wed, 11 Aug 2021 12:50:23 GMT
server
cloudflare
etag
W/"910cc7afd97743f1fef02b555fc7b4ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p%2Fs9gI5rOa4B9YwLnBvNlmrp4LCxty3rC8oCrT6J%2Bclg3BfEnwszWk9bel9O5s0Mxi4OIFCo33kaBPl3%2BmpA%2FRwlCVrUNzfjryZVYvYTtZNNz8Jhdzm%2B1%2B7sYPlG5Y1CgmsVQ6QYZZU3hBY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
6b2a952b0a4a42cf-FRA
line-canvas.svg
img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/images/line-canvas.svg?v=134
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21d0d2297739ba16300ffb04c1c42cd9f6bb9718b2de8848ceee3df62f09ca26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:57 GMT
content-encoding
gzip
last-modified
Fri, 21 Dec 2018 07:16:45 GMT
server
AmazonS3
age
11273
etag
W/"03c42240650e7b1b1e93aa62431daa61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=30000000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Tw6xmR_8LOgd8ekD80SyswXUVOgvfRZmhtuKo2xe6nhA631Vy3mxOA==
webedia-default.svg
img.weblogssl.com/g/r/svg/webedia/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.weblogssl.com/g/r/svg/webedia/webedia-default.svg?v=134
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7c524af142ac2b99d4f9bf37fe7bdc13abcb6eef227c8ff299448513f13a7c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:57 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 07:49:54 GMT
server
AmazonS3
age
11273
etag
W/"3ef62210bcf236290e3c7880bb5c0b04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
MI27v-PPZjgDieSVSH__E5H1S0U674g30sU4QLduQF1SxpZn83C6pw==
head-brand-logo.svg
img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/images/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/images/head-brand-logo.svg?v=134
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2363371656ac18a50d93c6942cc0c46886d2b29af101117f21c0f83e642fa1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:57 GMT
content-encoding
gzip
last-modified
Fri, 21 Dec 2018 07:16:41 GMT
server
AmazonS3
age
11273
etag
W/"f1a516276fe0fcd0056573ce6c1bf6b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=30000000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
bhAAwUu4TMnbdP7-nzR1dBiQcsHdLnHgE5P7H-4tDVwjwX5MUZQMDQ==
tofino_regular-webfont.woff2
img.weblogssl.com/g/r/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_regular-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d3c7428a9340184fdcf160acdf6bb87efd87165a671aeb343520a22a3f2846d

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"791212a7626e430aaee8433a6ee49646"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
25764
x-amz-cf-id
UHmOR1KbYr9rvaMGIDE4ms8HEANqxyP_FvyLu_FJe4uF9SmNh2iTRQ==
icons.ttf
img.weblogssl.com/g/r/icons/ 		24 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/icons/icons.ttf?bv10vh7
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
477ee5b4670860057aa8719c66e2a81bdfcc7587ed9dca3c7ed8ad76a541b815

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:57 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 06:14:59 GMT
server
AmazonS3
age
11273
etag
W/"c779ddf66f8aa1b4dbf59c771e074d22"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
application/font-sfnt
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
dRq--vqvHZNkaANzB5LqwSVbC_xgNPOno3y2ziLy2qKl-xO82MuH_w==
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
tofino_bold-webfont.woff2
img.weblogssl.com/g/r/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_bold-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e6e2c6850694985f529126a28d71141375fd08787ca7abac3d9137be8f4b057

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"99c0bd3a43dc9fd03ca1781c61c09e6f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
25204
x-amz-cf-id
4aUkpS5EjMllFKXEKkaS5tLnPbFGD6wqgSN-yaIsXbqG-inLGXaO1A==
charter_regular-webfont.woff2
img.weblogssl.com/g/r/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/fonts/charter_regular-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50a0050e04d8c49be258c2bea7ad79619303071fcb6b00df50f21ef9d8d85c6a

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2019 07:49:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"554cdfa4043584554c8ef63e1c94a6e0"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
22544
x-amz-cf-id
z3Rr01FFBnYPjQca-uTVilOMNC01ClpjbsZYzg5v8jQRrzdUl1QlSw==
charter_bold-webfont.woff2
img.weblogssl.com/g/r/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/fonts/charter_bold-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3666e4a2a4292705eb7c1df421862c318bdbc7119a7b822acdc3fdb8f2d1c9a

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2019 07:49:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"a58cea76dc73b44a0ac0bebdfe2f4985"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
22432
x-amz-cf-id
XQ9Y55qcP9NOwTQaIXAWoKAjyDnYFj2jrKOO0YHIe8xpI2i_y4n4WA==
tofino_medium-webfont.woff2
img.weblogssl.com/g/r/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_medium-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52cd4c98082867738a9f27e30d46276a136d5b9bc81b102361e9bb2a32097e4d

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:49 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"512cb6a2d5c843257a3f25c1c200d41b"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
25512
x-amz-cf-id
7D59t2-2jkzZGalgcBsS43hr3W58cuIyQI3DwfyevXrK82OikW1dZQ==
favicons.ttf
img.weblogssl.com/g/r/icons/ 		16 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/g/r/icons/favicons.ttf?n1rtsy
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe72a32e1769c6c6d1ca742a29747f4bba3569f93b529cd4771df0f7d046ea61

Request headers

Referer
https://img.weblogssl.com/css/xatakawindows/p/skin-site-xataka-d/main.css?v=1637660637
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 09:52:58 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 06:16:33 GMT
server
AmazonS3
age
11272
etag
W/"429012388a96c6002152176ade7a802f"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, HEAD
content-type
application/font-sfnt
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
4vx0WzwaAgwfMXnA7I1CR8e7WD_at3rSGnkJjI3AYABG6gOpti9nsw==
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
dailymotion-d7e0b6a9.js
img.weblogssl.com/LPbackend/prod/v2/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.weblogssl.com/LPbackend/prod/v2/js/dailymotion-d7e0b6a9.js
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5269ca2f449fcc750f900f712ad34ace28ecf69a69e08d6c048aa58c93186625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:55:21 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 08:15:34 GMT
server
AmazonS3
age
454
etag
W/"404917b38703918665f549ddb5cae304"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
r2aj0eyh4cRbGT_7JeRIffNd5KLfUncEERjqPOyGQDVbt3Xzm2uGgA==
sdk.js
connect.facebook.net/es_ES/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/sdk.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8976e970229db6cc040739c8c8626d57da2c8c2c69ff71a3a5aee30622ea3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
aCtx84P4326SxxEXJ1ZQAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 23 Nov 2021 13:17:21 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
0YXaaFn7PODZDchutexoLrrkcUK2FsonZY8TogBtrSDZQOYj3wQm5bZH2+mICksZ0Iug4dUL3QYxS1Gqqqy2dg==
x-fb-trip-id
686109401
x-fb-content-md5
6962c31179e68de44ab592c40965a959
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 23 Nov 2021 13:00:50 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a2a8528c416ae94ed782d78aa27f6f4f"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
PHW8HX3M.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/PHW8HX3M.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8c32b7e51bee44462eef0b96a1b9b13668d8006596fc14a8e1db54b023184679

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
cdn-edgestorageid
756
x-amz-request-id
JCEMZBQ6T58HCQ6H
cdn-cachedat
11/23/2021 11:54:58
cdn-pullzone
55316
x-amz-id-2
FZUrf0/JwloaKOIRmV44RLADlC1CWo6+jnSw9Peug6I2N2TuE386un/zxd7/MdTb982N3X7HE/w=
server
BunnyCDN-DE1-756
last-modified
Tue, 23 Nov 2021 10:42:58 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=31536000
cdn-requestid
ac310bd817491223956fb5a59ab7cafe
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		107 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSGB6LH
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7f907450a34fa0b7b875771941aab91ffe6e028eb96c7b3b4916326524537f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40129
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Nov 2021 13:00:50 GMT
xatakawindows
recommendations.weblogssl.com/editorial/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recommendations.weblogssl.com/editorial/xatakawindows
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7400:16:9f91:2d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
5bf01a8a0ab30135a38807f842f2f41d5f75591c790d75b4b370db721477ee7e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 11:14:20 GMT
content-encoding
gzip
etag
W/"895-Rpgrr+CwXj1qrwIHqPmZKrvrXeU"
age
6390
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WF1nf5w_G65_vl22LUY3sR7BvPW8IHNqg4QoejN7bqByjBlvnQBPMA==
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
DE
recommendations.weblogssl.com/xatakawindows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recommendations.weblogssl.com/xatakawindows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server/DE
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7400:16:9f91:2d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
2b8fe31bddeb816c03ae46af7370ad14175cb5953aa56217dad5d98f4d3bf2fd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 11:27:52 GMT
content-encoding
gzip
etag
W/"1146-IEaUp8Stz56zDGaPcbpbJUL6nn4"
age
5578
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5Nu5_W2LiOfTpgVe4OqY8QjUi009SsUiN5elh-hSO_NEixzY1MRL-Q==
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
avatar.png
img.weblogssl.com/css/xatakawindows/p/v6/images/ 		751 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.weblogssl.com/css/xatakawindows/p/v6/images/avatar.png
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9a30012fbbbcf62751b0f8e0402e6bfe334574823c1a3944d6ac71e971e902b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 04:10:05 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2019 10:46:03 GMT
server
AmazonS3
age
3315046
etag
"2f17851e8b252fdff99d4e7c838f3f29"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=30000000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
751
x-amz-cf-id
QDZ6FQRYfu4Lrb91zzdpHcLAHShOff9s2KDZtLpjCd4Mjt3H7QoDow==
all.js
api.dmcdn.net/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/dailymotion-d7e0b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
49566600bfa0cd1a7804582e0cb5da0f8abaad1c19cba621fb698d5536f0d4ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
16099
server-timing
total;dur=0, dc;desc="dc3"
content-length
10850
last-modified
Tue, 23 Nov 2021 08:29:55 GMT
server
DMS/1.0.42
etag
"619ca683-7477"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-llid
9708bc2399c9f9c514a9ce594118c928
expires
Wed, 24 Nov 2021 08:32:31 GMT
sdk.js
connect.facebook.net/es_ES/ 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/sdk.js?hash=bed5c24ddb72fdf33822e6a897d852f9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f67cbe289d677b413813562594dedcc57baa9d3fa2e39e204abb0a2347533f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uv7zsOu8ty6ybicg8UuSLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 23 Nov 2022 11:45:41 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82879
x-fb-rlafr
0
x-fb-debug
JGzWPAG/2nfl7wIe4l7UW0pjnd9ZuGpT88ODNHL6vreioxIA4kHwZGQoxYTDQe6acSR7IvKPvzWv3JrWsuZGDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e96defe942c48f1ccdf2358b3da6fd16
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 13:00:50 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"11903f6a9a9cfa83cfe98fb2a97c2b4a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSGB6LH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7183
date
Tue, 23 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Nov 2021 13:01:07 GMT
abtest.png
ab.blogs.es/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.blogs.es/abtest.png?editorialRecommendations=view&device=desktop
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:20:36 GMT
Via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
Age
4196415
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
lAdqvwtU4FHdzfjwcpM1Cq8whPUBZomyF5fSOFZ_pZmxjh8I7TZ5TA==
150_150.jpeg
i.blogs.es/2f5b55/recortes/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.blogs.es/2f5b55/recortes/150_150.jpeg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-100.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fddae78028f552c6c932199c46e604299a1b1368565fed082c6d3730b5a3bf84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 03:17:27 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 06:44:56 GMT
server
AmazonS3
age
726204
etag
"fd5c9a6baa4b23c471f096d9265de5f5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5535
x-amz-cf-id
ISYVPz_5FVauIz8AraoxLIv-MDsdXA56QgUjcrgLj60eDPYPKVLt8w==
150_150.jpeg
i.blogs.es/5c826b/update/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.blogs.es/5c826b/update/150_150.jpeg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-100.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c89393f802c4b6e94d707559350fe923a3783380aca281ade94a07ecec6990f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:17:03 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 07:15:33 GMT
server
AmazonS3
age
488628
etag
"32bddb557d19e6cee0442806c83ec1a6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6103
x-amz-cf-id
b92xqMxh1cDxITQts-faGZ-MSSs-51SqB4lOmv8ZKlBip50nMPNzPw==
150_150.jpeg
i.blogs.es/2f30b9/store/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.blogs.es/2f30b9/store/150_150.jpeg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-100.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
222d5ef7888cb9be6998705b13209e5989d6c828e8d3ef24b9d648678b144bb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 06:34:07 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 09:54:55 GMT
server
AmazonS3
age
887204
etag
"de614eb5e2466e3ce0959b5a0fd17540"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
7776
x-amz-cf-id
XkwT_GghCXPyxwsccVu6xNZckof1e_JtRJ9LKSrBBaDF7H_XHnFf3Q==
abtest.png
ab.blogs.es/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.blogs.es/abtest.png?event=view&editorialCampaignId=1307
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 02:18:44 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
Age
6432127
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
HXZ5MwVY8jUfTOsfsIxztxv-EfE83UegDwgxIj-6LxsKyoOFTC3exQ==
abtest.png
ab.blogs.es/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.blogs.es/abtest.png?recommendationsAction=view&device=desktop&recommendationVersion=374&containers=topPosts,topPosts,topPosts,topPosts,topPosts,topPosts,topPosts
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 08:43:56 GMT
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
Age
18937015
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
VTPrZtsR8cX8Xok8PM_0XDZ_Nsox8Fjkp7DzGdgyI67uam0xGegKsg==
abtest.png
ab.blogs.es/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.blogs.es/abtest.png?sidebarRecommendations=view&device=desktop&recommendationVersion=374&containers=topPosts,topPosts,topPosts
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 14:26:54 GMT
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
Age
2500437
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
GgUWpivlVcnjA3iLsL-uP9d4pAoo5MlZCXD34Ert6UGAk60JaO3UbQ==
x85g2v7
www.dailymotion.com/embed/video/ Frame 17A7 		42 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
67664c6a79a1be7ce86bf5c804df9ddb99232106d5384acc1a5abaa0a746a6ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
20528
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Nov 2021 13:00:50 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Referrer-Policy
no-referrer-when-downgrade
Server
DMS/1.0.42
Server-Timing
total;dur=155, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=531798780169254&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js?hash=bed5c24ddb72fdf33822e6a897d852f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
bfkaQZRrnSijGF2jfCo9xQtfS4IDXz4vlH2Bkqt2yJViWHn0xczH9M01xN5WPus9GmmlmfOBB7RdJtrAFZOKfA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Tue, 23 Nov 2021 13:00:50 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xatakawindows.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=278310550&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2FumLleSIVqk&ul=en-us&de=UTF-8&dt=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1452346992&gjid=330244523&cid=734296667.1637672450&tid=UA-78515-64&_gid=1886911394.1637672450&_r=1&gtm=2wgba1WSGB6LH&cg1=post&cg2=jose%20antonio%20carmona&cg3=windows&cg4=normal&cg5=211123&cd2=no&cd4=125151&cd5=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&cd6=2021-11-23&cd7=XTW&cd8=postpage&cd9=1&cd10=0&cd11=4&cd12=Technology&cd13=2021-11-23T07%3A27&cd14=windows&cd15=windows%2Cgithub%2Cpermisos-de-administrador%2Cexploit&cd16=jose%20antonio%20carmona&cd17=normal&cd19=DE&z=262905218
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xatakawindows.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=278310550&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2FumLleSIVqk&ul=en-us&de=UTF-8&dt=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=675741446&gjid=1120667711&cid=734296667.1637672450&tid=UA-78515-62&_gid=1886911394.1637672450&_r=1&gtm=2wgba1WSGB6LH&cg1=post&cg2=jose%20antonio%20carmona&cg3=windows&cg4=normal&cg5=211123&cd2=no&cd4=125151&cd5=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&cd6=2021-11-23&cd7=XTW&cd8=postpage&cd9=1&cd10=0&cd11=4&cd12=Technology&cd13=2021-11-23T07%3A27&cd14=windows&cd15=windows%2Cgithub%2Cpermisos-de-administrador%2Cexploit&cd16=jose%20antonio%20carmona&cd17=normal&cd19=DE&z=1594526045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xatakawindows.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-78515-64&cid=734296667.1637672450&jid=1452346992&gjid=330244523&_gid=1886911394.1637672450&_u=YEBAAEAAAAAAAC~&z=1582057014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 23 Nov 2021 13:00:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.xatakawindows.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-78515-62&cid=734296667.1637672450&jid=675741446&gjid=1120667711&_gid=1886911394.1637672450&_u=YEDAAEABAAAAAC~&z=1219177796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 23 Nov 2021 13:00:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.xatakawindows.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
graph.facebook.com/v8.0/ 		152 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v8.0/?fields=engagement&id=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&method=get&pretty=0&sdk=joey&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js?hash=bed5c24ddb72fdf33822e6a897d852f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70d06ff16818ec7683b9f90e1b4310e6b78375cb2138f06aa5cbe7e474a894d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.xatakawindows.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004767928
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
152
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
0lGw3gcWwrWIQQpTjXnjPPQnj3bATNZ2i8yRfNTryICrnEtwZfH4njgMYHuj4ai+/MNnw3iBbVRSEHflBrNKeA==
x-fb-trace-id
DARpmCyXrkW
date
Tue, 23 Nov 2021 13:00:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ABD0ZDQW8pbtk9bvDKuM5ZW
cache-control
no-store
facebook-api-version
v8.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78515-64&cid=734296667.1637672450&jid=1452346992&_u=YEBAAEAAAAAAAC~&z=1964170865
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78515-64&cid=734296667.1637672450&jid=1452346992&_u=YEBAAEAAAAAAAC~&z=1964170865
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78515-62&cid=734296667.1637672450&jid=675741446&_u=YEDAAEABAAAAAC~&z=1246968704
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78515-62&cid=734296667.1637672450&jid=675741446&_u=YEDAAEABAAAAAC~&z=1246968704
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 12:15:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 13:00:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 13:00:50 GMT
css
fonts.googleapis.com/ 		3 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 12:07:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 13:00:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 13:00:50 GMT
/
c.mgid.com/pv/ 		0
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1637672450586258044212&uniqId=0d3cf&childs=1072650,1094648,1108427&niet=4g&nisd=false&jsv=es6&ref=https%3A%2F%2Ft.co%2FumLleSIVqk&cxurl=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&pr=t.co&lu=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&sessionId=619ce603-004ca&pageView=1&pvid=17d4ce27a1aade3042d&site=669905&implVersion=11&dpr=1
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b2a95329c5dd6d9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Adgage_by_MGID_plus.svg
cdn.mgid.com/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adgage_by_MGID_plus.svg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aca94e72472a552c05998ab6c8e0ae17ecb76c550b9d16888065388b04532a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
4522
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
DF44AT0QMBM9KHD4
x-amz-id-2
j66eb9rgDufnTMQqb1JtqZSe20hYKtLUmE614jKKBnNmRkxxMgFGyMbXHQ2gk/M0Eqf3XKkzpaI=
last-modified
Tue, 23 Feb 2021 16:22:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:ebe323c555a18b9bc2a1d23bd7b1742a/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"ebe323c555a18b9bc2a1d23bd7b1742a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6b2a953298bc7025-FRA
expires
Wed, 24 Nov 2021 13:00:51 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
5221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6b2a953298c37025-FRA
expires
Wed, 24 Nov 2021 13:00:51 GMT
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
br
cf-cache-status
HIT
age
5181
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
40YAE8279QGQ594N
x-amz-id-2
ccmfumYfMf8PEiVn0b+wX3aqSdbE22jgy+oWBv703Ves0ULnOfIsi5xfzLj3SqFFvw3saoQ/2tY=
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6b2a953298c87025-FRA
expires
Wed, 24 Nov 2021 13:00:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options
nosniff
age
500671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 17:56:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 14:02:00 GMT
x-content-type-options
nosniff
age
601130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 14:02:00 GMT
1
servicer.mgid.com/1056117/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1056117/1?pv=5&cbuster=1637672450898158338182&uniqId=0d3cf&childs=1072650,1094648,1108427&niet=4g&nisd=false&jsv=es6&w=696&h=435&p5_w=225&p5_h=183&maxw_5=225&maxh_5=183&cols=3&consentData=CPQIPwQPQIPwQAHABBENB2CgAAAAAH_AAAAAAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwEesIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdprApplies=true&ref=https%3A%2F%2Ft.co%2FumLleSIVqk&cxurl=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&pr=t.co&lu=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&sessionId=619ce603-004ca&pageView=1&pvid=17d4ce27a1aade3042d&implVersion=11&dpr=1
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3575a7d5fad6f9c1aef6715a8c7fd5cefcf12f2904c4b3217b0df8c8f80b98b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b2a953299f44e2b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dmp.jq_flight.3033f0d7176196134921.js
static1.dmcdn.net/playerv5/ Frame 17A7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.3033f0d7176196134921.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
14940
last-modified
Mon, 22 Nov 2021 14:02:04 GMT
server
DMS/1.0.42
etag
"619ba2dc-a5dc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
825e3c6dd117b39a19159b123ba8fbe2
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.manifest.38b3a3f65ce8801f48bb.js
static1.dmcdn.net/playerv5/ Frame 17A7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.manifest.38b3a3f65ce8801f48bb.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b1a3353436c5f0d86477508a13f780947f17f7421cd0e52fb7bbcc781ba56bd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
2119
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-1170"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
dee27e4731cf36f49421ad9d400f7201
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.vendor.dc19b5e1e17ebe5b97db.js
static1.dmcdn.net/playerv5/ Frame 17A7 		332 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendor.dc19b5e1e17ebe5b97db.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
50f875818c12b4bac50d2ac2bb80e0edab07d6172d77641c305daf077f2c34ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=1, dc;desc="dc3"
content-length
102538
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-531cd"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
cf434cba607926f3e02b6e6a5b3cbbde
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.main.5954a7b0587bc373f733.js
static1.dmcdn.net/playerv5/ Frame 17A7 		220 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.main.5954a7b0587bc373f733.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
68a95d96fdaa5ad48304e2957b7579a069bcc5e1e918e54b546b1fada7653060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
52120
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-37140"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
ad6ae6aac1162a69953e304953952749
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.svg_critical.2202bba64ea46ecc7424.js
static1.dmcdn.net/playerv5/ Frame 17A7 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.svg_critical.2202bba64ea46ecc7424.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=1, dc;desc="dc3"
content-length
2586
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-2da4"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
aac808088f593fcf66705c5b88b0a29b
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.start_screen~theme_neon.0c7264bbbffa35028162.js
static1.dmcdn.net/playerv5/ Frame 17A7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.start_screen~theme_neon.0c7264bbbffa35028162.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
afbdfdd5f103e0d409b8ae44a4040248964b328b0ae50861bd493a4d7587cf7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
9624
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-80d4"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
a308e73bbb63af43f03ff9555c498d53
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.locale-en-US.89c08fbc7e17a76680a7.json
static1.dmcdn.net/playerv5/ Frame 17A7 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.89c08fbc7e17a76680a7.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
age
527005
server-timing
total;dur=0, dc;desc="dc3"
content-length
1077
last-modified
Tue, 16 Nov 2021 12:45:35 GMT
server
DMS/1.0.42
etag
"6193a7ef-fbd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
c4911655e044e3c16ea4944990cdf678
expires
Fri, 17 Dec 2021 10:37:26 GMT
/
pebed.dm-event.net/ Frame 17A7 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 23 Nov 2021 13:00:51 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.theme_neon.11fb8d254d9606498978.js
static1.dmcdn.net/playerv5/ Frame 17A7 		542 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.theme_neon.11fb8d254d9606498978.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
11f9a9bf4684a6b838bc293ed52098a626221fd40d8f595461e898393b4ee0c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
151375
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-87979"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
aef7f28349ac7ed6ab9efef798224dea
expires
Wed, 22 Dec 2021 21:05:05 GMT
dmp.vendors~theme_neon.03d60d604f7a509d0f7f.js
static1.dmcdn.net/playerv5/ Frame 17A7 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.03d60d604f7a509d0f7f.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b4700758182849390e83510cfa4d6ac01e49183ad810851b099d55fb0b93eec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:50 GMT
content-encoding
gzip
age
57345
server-timing
total;dur=0, dc;desc="dc3"
content-length
16342
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-f198"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
00412be5125ab11f93e6a74b5474f9a0
expires
Wed, 22 Dec 2021 21:05:05 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 17A7 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Tue, 23 Nov 2021 13:00:51 GMT
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Tue, 23 Nov 2021 13:00:51 GMT
Content-Length
0
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame 17A7 		294 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.03d60d604f7a509d0f7f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
bb8be4c08d8e3b75d889991571be947e23d0ca9eed7c8df0c662357a8cee1714

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
s_636qh6oS5kwoTHzxquFXnfZJg6QPoU
via
1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
age
420629
content-encoding
gzip
content-length
37929
last-modified
Thu, 18 Nov 2021 16:05:33 GMT
server
AmazonS3
date
Tue, 23 Nov 2021 13:00:51 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.245.199
x-amz-cf-pop
CDG53-C1
x-amz-cf-id
oywVdPnvoe30ui0OQ_Z-_lNAOzpW33ibQd_VBHn_WKpm472y1K8-gA==
x-llid
512842554006a62bc9b5c26d51c3ab47
expires
Thu, 25 Nov 2021 16:10:22 GMT
Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 17A7 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
last-modified
Tue, 16 Nov 2021 12:45:26 GMT
server
DMS/1.0.42
age
527020
etag
"6193a7e6-9118"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
37144
x-llid
ba276d20da3e7be9a86e01b6836b2a10
expires
Fri, 17 Dec 2021 10:37:11 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 17A7 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.11fb8d254d9606498978.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Nov 2021 13:00:51 GMT
latencies.js
speedtest.dailymotion.com/ Frame 17A7 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.11fb8d254d9606498978.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 13:00:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Tue, 23 Nov 2021 19:00:51 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4A9E 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.11fb8d254d9606498978.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Tue, 23 Nov 2021 13:00:51 GMT
dmp.controls_seek.2042503fdfa51c1381ad.js
static1.dmcdn.net/playerv5/ Frame 17A7 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.controls_seek.2042503fdfa51c1381ad.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.38b3a3f65ce8801f48bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9c23b81b2e61c831f4b9975b585673b22c54a4afda02d4a3919dd290325cb5c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
age
57344
server-timing
total;dur=0, dc;desc="dc3"
content-length
18742
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-11f63"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
b64b2137d7e3bc842cf4753c22ccb5ed
expires
Wed, 22 Dec 2021 21:05:07 GMT
dmp.interaction.948e20a37eea8c1a6449.js
static1.dmcdn.net/playerv5/ Frame 17A7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.interaction.948e20a37eea8c1a6449.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.38b3a3f65ce8801f48bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
age
57343
server-timing
total;dur=0, dc;desc="dc3"
content-length
4757
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-3d57"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
fc8a0d85043f70ec65084bc80682c1c7
expires
Wed, 22 Dec 2021 21:05:08 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp
s-img.mgid.com/g/3805476/492x277/0x0x629x419/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805476/492x277/0x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp?v=1637672451-WC9omgFLnMcDCPtAzmQfciHBOhz7k2SGS1zKnHWRrTw
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:17 GMT
x-mg-request-uuid
5dd50ce9-8047-4bcf-9ee7-8294ffda9c69
age
88880
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc582c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15702
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Q1YjM0OTFjYjVlN2Y3NmM0OWMwM2JhNDdjNjVjMDg0LmpwZz90PTE0OTgxNjE0Mzg0OTE.webp
s-img.mgid.com/g/3805601/492x277/0x0x672x448/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805601/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Q1YjM0OTFjYjVlN2Y3NmM0OWMwM2JhNDdjNjVjMDg0LmpwZz90PTE0OTgxNjE0Mzg0OTE.webp?v=1637672451-81-WmM8y--C1SzMStKcEhCiPid9ENOGzmrawfbuoVdM
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e33fa409accb6365c1216fc9dcef29804cccb6667426751279dcd9c82a7b72

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:22 GMT
x-mg-request-uuid
38fcc060-6819-466b-aee7-25e1f715264f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc602c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19186
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y5NmI1YjlhZTk4NWE2ZGIwODZkMWNiODFlOTJiMDBiLmpwZWc.webp
s-img.mgid.com/g/4017819/492x277/73x0x960x640/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4017819/492x277/73x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y5NmI1YjlhZTk4NWE2ZGIwODZkMWNiODFlOTJiMDBiLmpwZWc.webp?v=1637672451-J4dPVXbDVMmkCEdPuBGNWkvS8qGg6sVCgU8eiJIeux4
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3663919098170b1beac3310e2369dd4e55b4681140bb991073ff5ccf229a8fe1

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:31 GMT
x-mg-request-uuid
edbbacbf-171e-4ed7-be84-687c09e45103
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc622c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5796
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzdjYzk0MDRmZGFjZjQxN2RkNzc5MjliMjBhYTM5YjMwLmpwZWc.webp
s-img.mgid.com/g/4060560/492x277/0x72x798x532/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4060560/492x277/0x72x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzdjYzk0MDRmZGFjZjQxN2RkNzc5MjliMjBhYTM5YjMwLmpwZWc.webp?v=1637672451-mZhKtK6CYj9nKbMuXmHmLoAIZnWRri4FsPfo5gnIiic
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c86b0502726a765e1a9289e310f5da009e79b7ec4925944d6f7d553f272775

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:47 GMT
x-mg-request-uuid
b69946db-dc6c-4363-9580-8701ea244fef
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc632c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35286
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp
s-img.mgid.com/g/8164841/492x277/14x0x549x366/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164841/492x277/14x0x549x366/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp?v=1637672451-FIYoxAjbefWCM0oHwwU8EYFHMygCaQWH2go-I0zW3g8
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad96c46d7315e20b7c2909e31a9b8add5f8ff4b9fb30fe7a1fc3f75016d3c572

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:52:07 GMT
x-mg-request-uuid
278aa8df-fc9e-4a4d-a375-e6ff4c7cfa8e
age
88582
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc642c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12828
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1637672451-NhqC9JIJJVOnTM-zYuo55f2lFAAlc9a7dPZi8Gg6r0A
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b74fba6e8c57f559811311390a0137d43db05b8327f3288291d412c84badc6b

Request headers

Referer
https://www.xatakawindows.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:46:14 GMT
x-mg-request-uuid
9895504a-ce6f-43f9-9cad-2575d0db443d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b2a9536fc652c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11540
server
cloudflare
/
pebed.dm-event.net/ Frame 17A7 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.dc19b5e1e17ebe5b97db.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 23 Nov 2021 13:00:51 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
343263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:39:48 GMT
i.js
cm.mgid.com/ 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=CPQIPwQPQIPwQAHABBENB2CgAAAAAH_AAAAAAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwEesIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdprApplies=1&cbuster=1637672451343795124549
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86008c59810f3360d6ee715e8ebf1ce1a206cd5ff5833a46fa2a5a41a1f9580e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a9534efded6d9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 2BA4 		19 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1637672451366283961853
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a9535181ad6d9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.adgage.es
URL: https://jsc.adgage.es/x/a/xatakawindows.com.1056117.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 05:04:04 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
28651
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
AFvPUKvsrzdCp0N9fYPV02cOymfZeUn64TmxfV1EC8atP9mqfZrLDg==
sync.html
s.adtelligent.com/ Frame EF5B 		1 KB
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=CPQIPwQPQIPwQAHABBENB2CgAAAAAH_AAAAAAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwEesIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdprApplies=1&cbuster=1637672451343795124549
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/

Response headers

Server
VertaMedia 1.0
Date
Tue, 23 Nov 2021 13:00:51 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://www.xatakawindows.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 705A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=CPQIPwQPQIPwQAHABBENB2CgAAAAAH_AAAAAAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwEesIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdprApplies=1&cbuster=1637672451343795124549
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Nov 2021 13:00:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Tue, 23 Nov 2021 13:00:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lanPhliI3S05
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b2a95371b5d0614-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
mw
mwzeom.zeotap.com/ 		95 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lanPhliI3S05&zpartnerid=1532&zdid=1532
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.xatakawindows.com
access-control-allow-credentials
true
cf-ray
6b2a95372c592b59-FRA
access-control-allow-headers
*
content-length
95
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lanPhliI3S05
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lanPhliI3S05
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&gdpr_pd=
1 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:476
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 23 Nov 2021 13:00:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=4bcd2627-97d9-4bc0-af50-d7bf8e2806c4
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=4bcd2627-97d9-4bc0-af50-d7bf8e2806c4
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a953b9c7c6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=4bcd2627-97d9-4bc0-af50-d7bf8e2806c4
date
Tue, 23 Nov 2021 13:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=8c54de3d-f0a7-4b1c-b73e-82d37f14486c&ttl=1640264451
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=8c54de3d-f0a7-4b1c-b73e-82d37f14486c&ttl=1640264451
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a95383c6c6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=8c54de3d-f0a7-4b1c-b73e-82d37f14486c&ttl=1640264451
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=185491db-7c60-464b-a6e2-c241fa773783
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=185491db-7c60-464b-a6e2-c241fa773783
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=768ba1bd-5e8c-4493-acb5-37ca2023958e&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&us_privacy=
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a95389dba6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=185491db-7c60-464b-a6e2-c241fa773783&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 23 Nov 2021 13:00:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lanPhliI3S05
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b2a95379c8e5c8c-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=hci5FzVGL4OBM7tRKRIq&pi=mgid&tc=1
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=hci5FzVGL4OBM7tRKRIq&pi=mgid&tc=1
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a95383c5e6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=hci5FzVGL4OBM7tRKRIq&pi=mgid&tc=1
pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT, Tue, 23 Nov 2021 13:00:51 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lanPhliI3S05
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3199400789214203049&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Nov 2021 13:00:52 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFuUGhsaUkzUzA1&muidn=lanPhliI3S05
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFuUGhsaUkzUzA1&muidn=lanPhliI3S05&google_tc=
  • https://cm.mgid.com/google?muidn=lanPhliI3S05&google_ula={guid},5&google_gid=CAESEJAuHlexZ05E0bPn3vHkj0Y&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lanPhliI3S05&google_ula={guid},5&google_gid=CAESEJAuHlexZ05E0bPn3vHkj0Y&google_cver=1
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b2a95389dc66940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lanPhliI3S05&google_ula={guid},5&google_gid=CAESEJAuHlexZ05E0bPn3vHkj0Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=671dbddc-811d-4fd8-84b1-2b61133965c9
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=671dbddc-811d-4fd8-84b1-2b61133965c9
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 13:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b2a9538ce546940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=671dbddc-811d-4fd8-84b1-2b61133965c9
date
Tue, 23 Nov 2021 13:00:51 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Tue, 23 Nov 2021 13:00:51 GMT
Content-Length
0
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame D535 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 23 Nov 2021 05:05:22 GMT
expires
Wed, 23 Nov 2022 05:05:22 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4A9E 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Nov 2021 13:00:51 GMT
dmp.dynamic_quality_switcher.21dad9d8340630831bdb.js
static1.dmcdn.net/playerv5/ Frame 17A7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.21dad9d8340630831bdb.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.38b3a3f65ce8801f48bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
80d8dbe96f3705f40b91c3b4b038767521ac6de94339e7d6f1756e5e9bc41a96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
age
57766
server-timing
total;dur=0, dc;desc="dc3"
content-length
7196
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-57b0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
5cfb305599ef2cf318216cd931e127c7
expires
Wed, 22 Dec 2021 20:58:05 GMT
dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
static1.dmcdn.net/playerv5/ Frame 17A7 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.38b3a3f65ce8801f48bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
age
57343
server-timing
total;dur=0, dc;desc="dc3"
content-length
54717
last-modified
Mon, 22 Nov 2021 14:01:53 GMT
server
DMS/1.0.42
etag
"619ba2d1-2f204"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
67c7f53eb3ecdf8e8662c5e678a3b514
expires
Wed, 22 Dec 2021 21:05:08 GMT
x85g2v7.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 17A7 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x85g2v7.m3u8?auth=1637845250-2688-8mpfvqi3-561831b042c755031bd5a1d47cf05cb6fSuYAYcfqRCV96prrt3xmOBj7j-e2VuFRoC_fG1Tqlpfx01LpFIyx8dfDjNF5V021f1s-Wh5NhhbJ1kmNUlLlLSM462fnRu2fodJb8xXBfvx8VuMzOPMIibsNXbpcVU79zkBvm-HXzWKgorLfQ6r8yn5kspJi0sjTcNbpnzvTN2i3nMI4z2XYiEwmKbKDA-fRSFNZaRvtyQdgV5XewzTvvAaOVQEuaz4C6_oSjl_0ZAdjj9kTqdh_F7zmFnn3HyK7QGQhfxX_oSL5D_vXdetEhPj2lHgr214BV3pNu4XLbyen1IiEhpDjYzR3dnRNUb6uWwa_jIcm7_r9jHB0zVNvJHD6S8RN7mJNIP8aUPF3goVONu8hrC3byDDHh4JC9EHc44gQEcCrWVdIAYWHpj-fWLDW0KM6zGrX_ZYa7WBa8iDjmhnBf_NY3Nv3Yb_2FVjCqkzOalPTqq37pK-O3T7Fd5_-U3ucujU_flllCP9EdBQ5uYpeHQ9ba-faA25kYtIrtqeS3CveMqomqnkVnvszy1aKASUY42qHQWB-_mHdkl9kmOzBfJiU9ecA26JTx5c33MrLvXZkuUisRsj2nGXMiR_kzdxlD1-0SQd8daK0MESr4f66IZYItH6sl0p2s7TYQePfWkscenqDK0oqcfGah5xVn8KBNvuedj3YBlU60W2Y5ISCZAOMusAHhHVHnGhFPSBLDWK5kCTOSWcIHI6fT3MiqFkqJGrNOyXyysKU0vCBSqoJkp_rRhrUySAK7GBvD8ZKpHfe6I21YTrVFWruZMwkJauset1sgYL3Z0pxjA9zvsh0e4c1fW-t78rhiQDPHlUt9CGIKbMlXDevnQwydBX8GD3b9hVP8_L7KjqbY9kkLC1As5mekj18Tjc8NdQAIBMcgUxoTLsoehoq4jNp_iT4H6jjeqAi7N8LWjhf0WfkmO3wWgQaBA2AX6LHoRmstgYuEhNYYfYqDQt6CF45n2YmD2M93OvzlPRuz_KQa5CAs0LP52ZEN4T-VvapZ6OuhRa7LSgTNJDjGyzEfIXFb8foI8TTcsah-YY2dJS1AnRmLJru_41xgqVbMU8yU8Re3CKpLfNDZI1a0FzA6u064GQuWfZbF4paec1l8A9nHypbqnQLh4sNWqXsM2e9Mppn38XVtd1Ex8pthfl8OJjLt18_86ccARlQcTLAVd41Duuk8HoS5Io_sULxYgUWxbV4TLaVI7uK2jAUru3uNFZXcJ1-EvzJ-V2CMjzIeAXYWRaLsZhtAmDNuUQvkEWQMxKWHB0gNHu_h_HsnvcSTm6--7th_Z4g6ZW133ODPPG-7wj-197seUr-0fDMpCnleWLKj1ODIRGWoG6FWm15uUiXrKR7PXfpeFYoSmMEeafF0ro-obbyTEGC_qX2osrKNkJPeSKSA92WHF1YU6ZBcEUuF_r6Y0cxPSVnhtnkXkhFg9gkkyu_5VIlKqDstv92AfNYHBepHQJheM0P0ysnww4t-hhx_y6yYILp9sPOQ1yUIM6jUQ4O_5uOX4nvfsn4vmmE0aUq2VFA9_jKs3snFQytGVlrKjSKRVIe32WBac9U4Bbl9NB1sU0McPMyj4G137V3nmffonCisKeBWTTzMuWXAm76RwhIl_a4ngkt8G5--ij7EfvPWzjl76RGGWLJC33FC2xOTBx4qzIZ_itO46Zx-S_QUwBE9N2ZlKl-kDVXlu88uJsOvZeF6qocuuTfvU17cwp9ALIoQVDNcaHgYozulwChdnJygccx0YYDaiZoRUkWvaadT66hqO-KvzcrKeOl7Xxh2YEl7RBy6KoYrbt2bY6Nz8kmnZwIMmr4svGiYJ5TM_xqAVL7WUx8aMBA0tpj7hJ9e808npVjej_CEfO4g15oDCAMgOtChcg_TXN3fkivBZQvJ17pUNZmAMbvigHQbSCI6HCnrcL3Q8LSUbdykR39e5gzADplZW472bcQVIVJWrii_8Sr8dER4UCLEsRzaoZcnHVkcO3y12JWcZWFQNUWRBmbvhmsz9dzpY9rtVA2uCenjS63mPgZ58n91dg6BcTqzO4smZ7nzxS_LIL-bVHE2PsrjucVKP1oHYy2hW1kMUEEWabYc-q0XTLv2-WGcT_ZYOSPuGVcTF3SykOU_g7RYVeSbHMK-FAReRSQEutXNzzndmCY_DrgSAbpRSc2RzYMrbXi_EKBCSwXLNK8BZxPMbfHwhSxtKfQZrkpcDnAbAKBggvmcaxaCGab_lhscKlWAQTiXegKE5n2XNT-WYj5Ayjqm-oGh8wuENJGx7p4kdopgS80S4Lkzlf8PiW8KIqq1gsHYPtvAshFDJgLDTDHmpuJt1IOP9_ec7lYLqtrsOcmjVwxkxF21Mc4aWL3IuH4ONdp0EOYAezs6OVXXgZgSeYwDWKud2C0ZCs9SuymRTfU5esd3-2MtC193453mvHTiLabcDc4mDCX295u7EeKOSLTbPoVyLv9_NTlqd8fGT5l7Ehg4hgNfDLzEjUZ1C3YX8NE2O32z70FXKL2twx4NQqkh6xhPJzo5FO5ZK8NIQn-kx8LsJdqKui2bxn7dfrzGSo6qSD1NVZaZqj9YI99-5On2zBCLqRjlkJBb2gdxWGG9pQHv3ZDn2C63xuJxNTCInSG8xUekzU6sp7L6JQEkedxg7qSZUCGvOjzBkeTfx--jHMcaHXcJqBQgRUSmTBCJJQaxzLo9Vrv0lE8CW871Q6j8B0uaqfdq5yX9NvHAeB-mMkTbgRUdJki5Ajg9Kk-8BN_sbtX2yv5cSNe6n5G0ajdFNggXCXuii9S2_11JCcBP-AHGf9XRYgbfLkBxBM_ruvNP1ZqDyYWjM8d_3em6CZaEXLv_t8CsdQcQbimQVBpenR_zbk1aNIPzZ6waelrLk9hjfeg-GSeC84Lquh0CuUmDO89t5H8BVsMsCATx9O4Kx1nrGuh8jx5Fj_TXv58yn_i_NKmH1c-fCNjVyaj_DrUIlETZ2JPBMERHKQ1LfZK9YLKxJHD_cfnSJIZImwsyvkOuz4894nIu5Rvu_na_ZDPzqeyp4MmG1RU20cpR2vWaRPZFyOuKpgy_J_HK09NkHPE4uftekfT2UcoTLNwakQ6vcX23kAG_zqZYW4mUxJtdE-mVO_n96L8DgZJKi3l5D5B4UdVFEtsuWX2CyTyE9biquDISuZLwSspA6CSiGLPOJJ52DDGRxFqFPDWHog8uHcRjat_5NOER8ne__fiow3UPJZ-7dXzSK1o-9vXSqwO1TVXgG_xZ8iHISYZscuJQ2fg77hUoMtP1bcoG5DZRxo6laPWPaP--O9d48sT2DpRnRA83DWQzNmnEMpBflT2l7E5X9Hi_NWlkY6K0VxFFqBDbWjZ0lAwNT58hbCJkvdAL1XWgzkhOXCGG3CyvT4cfwwCBPF-l6bsNOVPlmrWIZ5vMPzFHy_Zk-JwbW299jxD11A-SJbRs9Z5enboqLqpq_ARVxo3vqVjr1g2Z6wVmu-RQ8BkYgtkHA3bncFPMzqJyYIBCscU57xiOlYQAUrwNMNVYTdvUlmykc6ShpWBc_nc8GB7Jh7GKvV6UXbmxkzWgvvYQV1qZmnQXcKg&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=CPQIPwQPQIPwQAHABBENB2CgAAAAAH_AAAAAAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwEesIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=1&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.11fb8d254d9606498978.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.38 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
icscale-01-pub-ix7.vip.dailymotion.com
Software
nginx/1.15.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dm-lb-name
icscale-01-01.adm.ix7.dailymotion.com
date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
server
nginx/1.15.6
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20e...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&c7=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2FumLleSIVqk
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
sb-9-D2wOb36yiJ3dqokIayZUCFurprT46LAZuv_UB5BbTLvVRaTOA==

Redirect headers

date
Tue, 23 Nov 2021 13:00:51 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=129&ns__t=1637672451751&ns_c=UTF-8&cv=3.5&c8=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&c7=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2FumLleSIVqk
content-length
522
x-amz-cf-id
-KsKGn6P7EN8TSZMufeKIsa5BMDFicUUdKkuxG5aneatgSlE3tjlUA==
x480
s1.dmcdn.net/v/TOBU31XZM2qVkoL0t/ Frame 17A7 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/TOBU31XZM2qVkoL0t/x480
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/2 /
Resource Hash
5c64703f05fb82793a9758fae6e0b026ff889a072843af59a5f2aee0232319aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 08:38:32 GMT
server
DMS/2
age
12123
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
content-length
78083
x-llid
4e47af288ebb6d7e82831a9b565920f0
expires
Tue, 30 Nov 2021 09:38:48 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 81E8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 12:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 23 Nov 2021 13:22:15 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=278310550&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2FumLleSIVqk&ul=en-us&de=UTF-8&dt=Descubren%20un%20exploit%20zero%20day%20permite%20adquirir%20privilegios%20de%20administrador%20en%20equipos%20con%20Windows%2010%2C%2011%20y%20Windows%20Server&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video-content&ea=thumbnail-displayed&el=https%3A%2F%2Fwww.dailymotion.com%2Fvideo%2Fx85g2v7&ev=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=734296667.1637672450&tid=UA-78515-64&_gid=1886911394.1637672450&gtm=2wgba1WSGB6LH&cg1=post&cg2=jose%20antonio%20carmona&cg3=windows&cg4=normal&cg5=211123&cd2=no&cd3=0&cd4=125151&cd5=https%3A%2F%2Fwww.xatakawindows.com%2Fwindows%2Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server&cd6=2021-11-23&cd7=XTW&cd8=postpage&cd9=1&cd10=0&cd11=4&cd12=Technology&cd13=2021-11-23T07%3A27&cd14=windows&cd15=windows%2Cgithub%2Cpermisos-de-administrador%2Cexploit&cd16=jose%20antonio%20carmona&cd17=normal&cd19=DE&z=1214003490
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xatakawindows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 19:34:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62803
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 17A7 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 10:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 24 Nov 2021 10:26:19 GMT
usync.js
eus.rubiconproject.com/ Frame 705A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c9f8a04e885955196b786c5dd265420afafe6f60fca767eb43693fc7e0d874a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 13:00:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Tue, 23 Nov 2021 17:07:35 GMT
csync
sync.adtelligent.com/ Frame EF5B 		0
0
RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/fonts/ Frame 17A7 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 13:00:51 GMT
last-modified
Wed, 10 Nov 2021 10:03:12 GMT
server
DMS/1.0.42
age
1011806
etag
"618b98e0-8fcc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
36812
x-llid
cb27660b8ac85f6b4decf53a73bdccf6
expires
Sat, 11 Dec 2021 19:57:25 GMT
khaos.jpg
token.rubiconproject.com/ Frame 705A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.xatakawindows.com
URL: https://www.xatakawindows.com/windows/descubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Tue, 23 Nov 2021 13:00:56 GMT
Content-Length
0
/
pebed.dm-event.net/ Frame 17A7 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.dc19b5e1e17ebe5b97db.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 23 Nov 2021 13:00:56 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| country boolean| isSpainOrLatamUser object| dataLayer boolean| gdprAppliesGlobally function| scrollListener function| __cmp object| didomiOnReady object| WSL2 function| ga object| googletag object| apstagSlots object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners function| __tcfapi object| DidomiSanitizing object| adsbygoogle object| didomiState object| head object| iframe function| sendcomscore function| pbjsChunk object| pbjs object| _pbjsGlobals object| regeneratorRuntime object| WSLModules object| _JS_MODULES object| AML function| injectScript string| permittedBatchIps object| batchSDKUIConfig object| wslBatchSdkConfig function| addBatchScript function| jQuery function| $ object| picturefillCFG function| picturefill object| Translator function| dayjs object| Backbone object| __twttr object| twttr function| fbAsyncInit function| FuckAdBlock object| fuckAdBlock object| _mgIntExchangeNews object| MarketGidInfC1056117 function| MarketGidCContextBlock1056117 function| MarketGidCMainBlock1056117 function| MarketGidCInternalExchangeBlock1056117 function| MarketGidCColorBlock1056117 function| MarketGidCRejectBlock1056117 function| MarketGidCCriteoBlock1056117 function| MarketGidCInternalExchangeLoggerBlock1056117 function| MarketGidCObserverBlock1056117 function| MarketGidCSendDimensionsBlock1056117 function| MarketGidCAntifraudStatisticsBlock1056117 function| MarketGidCRtbBlock1056117 function| MarketGidCContentPreviewBlock1056117 function| MarketGidCGradientBlock1056117 function| MarketGidCResponsiveBlock1056117 boolean| mg_loaded_669905_1056117 object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject number| randomNoTwo object| DM object| __tgconf function| __tginitcb object| gaplugins object| gaGlobal object| gaData object| onClickExcludes function| mgReject1056117 function| mgLoadAds1056117_0d3cf function| MarketGidCReject1056117 function| MarketGidLoadGoods1056117_0d3cf function| mgReject1072650 function| mgLoadAds1072650_0d3cf function| MarketGidCReject1072650 function| MarketGidLoadGoods1072650_0d3cf function| mgReject1094648 function| mgLoadAds1094648_0d3cf function| MarketGidCReject1094648 function| MarketGidLoadGoods1094648_0d3cf function| mgReject1108427 function| mgLoadAds1108427_0d3cf function| MarketGidCReject1108427 function| MarketGidLoadGoods1108427_0d3cf object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint669905 string| _mgPvid object| __cmpBuffer boolean| _mgPageView669905 function| LoadCriteoAllPlaces1056117_0d3cf boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE

42 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: dc476644-1927-4aa0-a5b2-80a86ce1c3bf
.t.co/ Name: muc_ads
Value: dc476644-1927-4aa0-a5b2-80a86ce1c3bf
.xatakawindows.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdkNGNlMjctNWY4Ny02Y2Q2LTkzY2EtMDcwMjdlM2MzNWQwIiwiY3JlYXRlZCI6IjIwMjEtMTEtMjNUMTM6MDA6NDkuNTgwWiIsInVwZGF0ZWQiOiIyMDIxLTExLTIzVDEzOjAwOjQ5LjU4MFoiLCJ2ZXJzaW9uIjpudWxsfQ==
.xatakawindows.com/ Name: _ga
Value: GA1.2.734296667.1637672450
.xatakawindows.com/ Name: _gid
Value: GA1.2.1886911394.1637672450
.xatakawindows.com/ Name: _gat_UA-78515-64
Value: 1
.xatakawindows.com/ Name: _gat_UA-78515-62
Value: 1
.dailymotion.com/ Name: v1st
Value: 1D4684A31843D04D697190B1A1ABDCF2
.dailymotion.com/ Name: dmvk
Value: 619ce6026b4a2
.dailymotion.com/ Name: ts
Value: 618803
servicer.mgid.com/ Name: __mglb
Value: 2b804be0d04e992ad0d5ca78c8f32d46
.mgid.com/ Name: muidn
Value: lanPhliI3S05
.mgid.com/ Name: __cf_bm
Value: XqO5C5HfQc0pO8l2k9Lcxj3RjeB3sEgOogYcZVUaP.4-1637672451-0-AeSaRu2qxncCxgo2k0pRjZVjuTkMqVZGBVTQZbz3w6vhVbfVftP43B4oWlG7q5sLXWpgjT0woYZ99HOkupsFZWM=
.dailymotion.com/ Name: usprivacy
Value: 1---
www.xatakawindows.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1056117%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637672451273%7D%7D
.bidswitch.net/ Name: c
Value: 1637672451
.bidswitch.net/ Name: tuuid_lu
Value: 1637672451
.bidswitch.net/ Name: tuuid
Value: 185491db-7c60-464b-a6e2-c241fa773783
.zeotap.com/ Name: zc
Value: de858b69-60ac-4d9e-6903-760a66f7b8d6
.scorecardresearch.com/ Name: UID
Value: 1KSKGN6P7EN8TSZMUFEKISg1637672452
.lentainform.com/ Name: muidn
Value: lanPhliI3S05
.adsrvr.org/ Name: TDID
Value: 8c54de3d-f0a7-4b1c-b73e-82d37f14486c
.creativecdn.com/ Name: u
Value: hci5FzVGL4OBM7tRKRIq
.creativecdn.com/ Name: ts
Value: 1637672451
.idealmedia.io/ Name: muidn
Value: lanPhliI3S05
.e-volution.ai/ Name: v_usr
Value: 58a5b3cd-5781-4361-87e7-c194536e231e
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiiusOkgKOXOhAFOAE.
.volvelle.tech/ Name: ouuid
Value: 768ba1bd-5e8c-4493-acb5-37ca2023958e
.volvelle.tech/ Name: c
Value: 1637672451
.volvelle.tech/ Name: ouuid_lu
Value: 1637672451
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-185491db-7c60-464b-a6e2-c241fa773783
.pubmatic.com/ Name: PugT
Value: 1637672451
.pubmatic.com/ Name: PUBMDCID
Value: 3
.360yield.com/ Name: tuuid
Value: 671dbddc-811d-4fd8-84b1-2b61133965c9
.360yield.com/ Name: tuuid_lu
Value: 1637672451
.doubleclick.net/ Name: IDE
Value: AHWqTUmW_DIgSEqHpswO3XdAsQj0QLP4plESb57hTu8w8jnX3yQJKbi0U1f8Yxv2VqU
.mfadsrvr.com/ Name: tuuid
Value: 4bcd2627-97d9-4bc0-af50-d7bf8e2806c4
.mfadsrvr.com/ Name: c
Value: 1637672452
.mfadsrvr.com/ Name: tuuid_lu
Value: 1637672452
.smartadserver.com/ Name: pid
Value: 3199400789214203049
.mfadsrvr.com/ Name: ssh
Value: !mgid,1637672452
cm.mgid.com/ Name: mg_sync
Value: {"287839":1637672452,"371158":1637672451,"665953":1637672451}

2 Console Messages

Source Level URL
Text
security error URL: https://t.co/umLleSIVqk
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
javascript warning URL: https://www.dailymotion.com/embed/video/x85g2v7?ads_params=site%253DXTW%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526visitor_country%253DDE%2526postId%253D125151%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakawindows.com%25252Fwindows%25252Fdescubren-exploit-zero-day-permite-adquirir-privilegios-administrador-equipos-windows-10-11-windows-server%2526publishedDate%253D2021-11-23%2526modifiedDate%253D2021-11-23T07%25253A27%2526categories%253Dwindows%2526tags%253Dwindows%25252Cgithub%25252Cpermisos-de-administrador%25252Cexploit%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D4%2526author%253Djose%252520antonio%252520carmona%2526postType%253Dnormal%2526contentGroup1%253Dpost%2526contentGroup2%253Djose%252520antonio%252520carmona%2526contentGroup3%253Dwindows%2526contentGroup4%253Dnormal%2526contentGroup5%253D211123%2526dimension1%253Dno%2526gtm.start%253D1637672450203%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D3%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D6&api=postMessage&id=f3d7d64b867bc58&origin=https%3A%2F%2Fwww.xatakawindows.com
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
ab.blogs.es
ad.360yield.com
api.dmcdn.net
c.mgid.com
cdn.insurads.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
dlvr.it
dmxleo.dailymotion.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
i.blogs.es
imasdk.googleapis.com
img.weblogssl.com
jsc.adgage.es
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
pebed.dm-event.net
pixel.rubiconproject.com
recommendations.weblogssl.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s0.2mdn.net
s1.dmcdn.net
sb.scorecardresearch.com
sdk.privacy-center.org
secure-assets.rubiconproject.com
servicer.mgid.com
simage2.pubmatic.com
speedtest.dailymotion.com
ssbsync.smartadserver.com
static1.dmcdn.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
t.co
token.rubiconproject.com
vendorlist.dmcdn.net
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
www.xatakawindows.com
x.bidswitch.net
sync.adtelligent.com
104.16.199.73
104.19.132.78
104.19.133.78
104.19.134.78
104.19.136.78
104.19.217.61
104.244.42.69
104.92.74.8
109.206.161.21
13.32.121.71
13.32.99.23
13.32.99.58
142.250.185.66
143.204.98.100
178.79.242.16
18.194.4.47
18.66.122.122
185.184.8.65
185.64.190.80
185.86.139.104
188.65.124.38
188.65.124.59
188.65.124.90
188.65.124.91
23.79.143.124
2600:9000:2156:7400:16:9f91:2d80:93a1
2600:9000:223f:800:5:b7cc:d3c0:93a1
2606:4700:10::6816:1957
2606:4700:3033::ac43:90dd
2a00:1450:4001:801::2003
2a00:1450:4001:801::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c07::9c
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
2a0c:5c81:5095:0:225:90ff:fefa:245d
35.210.178.101
35.212.212.222
44.239.146.245
52.211.218.251
52.223.40.198
69.173.144.139
69.173.144.165
89.187.169.47
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514
0412bdf0994ae0f02005f0e697046554e6b8ad5b7c248788119432e82bd62886
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0e6e2c6850694985f529126a28d71141375fd08787ca7abac3d9137be8f4b057
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11f9a9bf4684a6b838bc293ed52098a626221fd40d8f595461e898393b4ee0c6
12dfee04f8619f01038738190ec3d37b695c002a01581275fc6b75e87282f4fa
1328ab12a3de9598acbb34bdea9b0a37f6e6d0bb17907c996e8469a9928bb09c
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691
1f184106cb241c81fd6a5a0732d5cb58a6176f1fd3a357367be6e74ae1a923c5
2132b2923a2e407b33c52bcbf6b46ed01e9aef7ba5fb55f5d662b5883a038bd9
21d0d2297739ba16300ffb04c1c42cd9f6bb9718b2de8848ceee3df62f09ca26
222d5ef7888cb9be6998705b13209e5989d6c828e8d3ef24b9d648678b144bb4
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
27f840b447d196df7f66b1b3afa4ac0606c8540f6a7f1b61657d7068acb00ab6
2b8fe31bddeb816c03ae46af7370ad14175cb5953aa56217dad5d98f4d3bf2fd
2c89393f802c4b6e94d707559350fe923a3783380aca281ade94a07ecec6990f
2d97bebc46af271729deb9a0ec7dbee2d39fafbf4b4e71242212322f74810de6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
327706b78f47df169247915858cb6e5399a340c7aceeb141b1c9b49f96c47c4b
3663919098170b1beac3310e2369dd4e55b4681140bb991073ff5ccf229a8fe1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
477ee5b4670860057aa8719c66e2a81bdfcc7587ed9dca3c7ed8ad76a541b815
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49566600bfa0cd1a7804582e0cb5da0f8abaad1c19cba621fb698d5536f0d4ca
4ecae1d3c9a744542f9c0a0fdc1b3fc0db9e64a4287851d1584dbda7444ad5e7
50a0050e04d8c49be258c2bea7ad79619303071fcb6b00df50f21ef9d8d85c6a
50f875818c12b4bac50d2ac2bb80e0edab07d6172d77641c305daf077f2c34ad
5269ca2f449fcc750f900f712ad34ace28ecf69a69e08d6c048aa58c93186625
52cd4c98082867738a9f27e30d46276a136d5b9bc81b102361e9bb2a32097e4d
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
5bf01a8a0ab30135a38807f842f2f41d5f75591c790d75b4b370db721477ee7e
5c64703f05fb82793a9758fae6e0b026ff889a072843af59a5f2aee0232319aa
5e70ed354da0f691d7ffa1938ef2f32be82814beb2f499f222189775c3b3fd52
5f9e8fecd070651d2be12dbfc08a79e892fff2aae9c02d78a6a272c154e9bb7c
67664c6a79a1be7ce86bf5c804df9ddb99232106d5384acc1a5abaa0a746a6ee
68a95d96fdaa5ad48304e2957b7579a069bcc5e1e918e54b546b1fada7653060
6aa7e388e60e87ffc467f88d6aaf9de34d94f380e77fc9215f336bf149193d4c
6b74fba6e8c57f559811311390a0137d43db05b8327f3288291d412c84badc6b
6ec2af53a572ffb9f32f4994e17fc718a3a49d4994895bbb2103fc6e2352350b
70d06ff16818ec7683b9f90e1b4310e6b78375cb2138f06aa5cbe7e474a894d1
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7f67cbe289d677b413813562594dedcc57baa9d3fa2e39e204abb0a2347533f7
80d8dbe96f3705f40b91c3b4b038767521ac6de94339e7d6f1756e5e9bc41a96
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86008c59810f3360d6ee715e8ebf1ce1a206cd5ff5833a46fa2a5a41a1f9580e
8c32b7e51bee44462eef0b96a1b9b13668d8006596fc14a8e1db54b023184679
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
9c23b81b2e61c831f4b9975b585673b22c54a4afda02d4a3919dd290325cb5c9
9c9f8a04e885955196b786c5dd265420afafe6f60fca767eb43693fc7e0d874a
9d3c7428a9340184fdcf160acdf6bb87efd87165a671aeb343520a22a3f2846d
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a7c524af142ac2b99d4f9bf37fe7bdc13abcb6eef227c8ff299448513f13a7c5
a7f907450a34fa0b7b875771941aab91ffe6e028eb96c7b3b4916326524537f1
a8976e970229db6cc040739c8c8626d57da2c8c2c69ff71a3a5aee30622ea3ce
a9a30012fbbbcf62751b0f8e0402e6bfe334574823c1a3944d6ac71e971e902b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8b1ede5de80f325fdff611e9ff2cbcb421c9249aaa740303c5cd445edeae50
ad96c46d7315e20b7c2909e31a9b8add5f8ff4b9fb30fe7a1fc3f75016d3c572
afbdfdd5f103e0d409b8ae44a4040248964b328b0ae50861bd493a4d7587cf7a
b1a3353436c5f0d86477508a13f780947f17f7421cd0e52fb7bbcc781ba56bd6
b4700758182849390e83510cfa4d6ac01e49183ad810851b099d55fb0b93eec1
b6aca94e72472a552c05998ab6c8e0ae17ecb76c550b9d16888065388b04532a
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8be4c08d8e3b75d889991571be947e23d0ca9eed7c8df0c662357a8cee1714
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9c86b0502726a765e1a9289e310f5da009e79b7ec4925944d6f7d553f272775
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2e33fa409accb6365c1216fc9dcef29804cccb6667426751279dcd9c82a7b72
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2363371656ac18a50d93c6942cc0c46886d2b29af101117f21c0f83e642fa1c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3575a7d5fad6f9c1aef6715a8c7fd5cefcf12f2904c4b3217b0df8c8f80b98b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3666e4a2a4292705eb7c1df421862c318bdbc7119a7b822acdc3fdb8f2d1c9a
fddae78028f552c6c932199c46e604299a1b1368565fed082c6d3730b5a3bf84
fe72a32e1769c6c6d1ca742a29747f4bba3569f93b529cd4771df0f7d046ea61