www.threatminer.org Open in urlscan Pro
2606:4700:20::681a:eeb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.threatminer.org/
Submission: On July 18 via manual (July 18th 2022, 4:01:32 pm UTC) from CA — Scanned from CA

Summary HTTP 205 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 54 domains to perform 205 HTTP transactions. The main IP is 2606:4700:20::681a:eeb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.threatminer.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:20:... 2606:4700:20::681a:eeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
1 1	2606:4700:10:... 2606:4700:10::6814:9710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 28	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
4 4	162.248.18.11 162.248.18.11	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10 18	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
6 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5 6	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	184.50.205.90 184.50.205.90	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	99.80.58.206 99.80.58.206	16509 (AMAZON-02) (AMAZON-02)
2 2	34.206.232.206 34.206.232.206	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.208.212.45 3.208.212.45	14618 (AMAZON-AES) (AMAZON-AES)
2 2	23.92.190.68 23.92.190.68	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
7 7	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1 2	13.226.39.84 13.226.39.84	16509 (AMAZON-02) (AMAZON-02)
1	13.226.39.8 13.226.39.8	16509 (AMAZON-02) (AMAZON-02)
32	2606:2800:220... 2606:2800:220:1410:489:141e:20bb:12f6	15133 (EDGECAST) (EDGECAST)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21d... 2600:9000:21da:2600:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 2	52.116.221.248 52.116.221.248	36351 (SOFTLAYER) (SOFTLAYER)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	34.234.174.195 34.234.174.195	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.225.126.23 3.225.126.23	14618 (AMAZON-AES) (AMAZON-AES)
1 3	23.192.31.127 23.192.31.127	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
6	34.117.239.71 34.117.239.71	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	2606:ae80:145... 2606:ae80:1451:22::730	26762 (CNVR-US-EAST) (CNVR-US-EAST)
7	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:2800:21f... 2606:2800:21f:5b71:3e29:d001:be46:4bcc	15133 (EDGECAST) (EDGECAST)
4 9	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:2800:21f... 2606:2800:21f:c0ec:d236:5e26:ab36:2d30	15133 (EDGECAST) (EDGECAST)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:7d05:5db0:2d53:4868	14618 (AMAZON-AES) (AMAZON-AES)
1	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80d::2006	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	15.235.43.120 15.235.43.120	16276 (OVH) (OVH)
1 1	23.52.167.93 23.52.167.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1 1	68.67.179.122 68.67.179.122	29990 (ASN-APPNEX) (ASN-APPNEX)
205	41

27 2606:4700:20::681a:eeb (United States)

ASN13335 (CLOUDFLARENET, US)

www.threatminer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:9710 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.creativecommons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.66.42.247 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3043.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3043.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.34 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.248.18.11 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.40.162 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.84 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.181.211 (Secaucus, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.45.33.138 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.90 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.58.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-58-206.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.232.206 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-232-206.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.212.45 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-212-45.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.92.190.68 (Fort Mill, United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.23 (United States) 7 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.39.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-84.ewr53.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-8.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (New York, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21da:2600:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.221.248 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.174.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-174-195.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.126.23 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-126-23.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.192.31.127 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms-xch-chicago.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:22::730 (United States) 4 redirects

ASN26762 (CNVR-US-EAST, US)

33across-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:21f:5b71:3e29:d001:be46:4bcc (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.151.100 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:21f:c0ec:d236:5e26:ab36:2d30 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:7d05:5db0:2d53:4868 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.43.120 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ns5012071.ip-15-235-43.net

c.us1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.167.93 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.122 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1464 pbs.twimg.com — Cisco Umbrella Rank: 634 abs.twimg.com — Cisco Umbrella Rank: 1750 ton.twimg.com — Cisco Umbrella Rank: 6509	629 KB
29	infolinks.com 2 redirects resources.infolinks.com — Cisco Umbrella Rank: 7253 router.infolinks.com — Cisco Umbrella Rank: 3671 rt3043.infolinks.com — Cisco Umbrella Rank: 79775	329 KB
27	threatminer.org www.threatminer.org	1 MB
24	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 223 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	50 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	446 KB
13	rubiconproject.com 6 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165 eus.rubiconproject.com — Cisco Umbrella Rank: 630 token.rubiconproject.com — Cisco Umbrella Rank: 787 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1102 pixel.rubiconproject.com — Cisco Umbrella Rank: 372	16 KB
13	33across.com 7 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 1029 events-ssc.33across.com — Cisco Umbrella Rank: 2017 cms-xch-chicago.33across.com — Cisco Umbrella Rank: 6852	5 KB
13	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505 r.casalemedia.com — Cisco Umbrella Rank: 850 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597	12 KB
10	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 6433 data.ad-score.com — Cisco Umbrella Rank: 5407	124 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 720 syndication.twitter.com — Cisco Umbrella Rank: 967	214 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 282	148 KB
7	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 436	7 KB
7	pubmatic.com 7 redirects image8.pubmatic.com — Cisco Umbrella Rank: 632 image2.pubmatic.com — Cisco Umbrella Rank: 1037 image4.pubmatic.com — Cisco Umbrella Rank: 1038	2 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 399	3 KB
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 295 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1276	4 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 290 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528	2 KB
5	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 500	754 B
4	dotomi.com 4 redirects 33across-match.dotomi.com — Cisco Umbrella Rank: 4532 dclk-match.dotomi.com — Cisco Umbrella Rank: 3117	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 315	2 KB
3	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1501 sync1.intentiq.com — Cisco Umbrella Rank: 4471 api.intentiq.com — Cisco Umbrella Rank: 2115	3 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 586	2 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6131	964 B
2	dyntrk.com 2 redirects c.us1.dyntrk.com — Cisco Umbrella Rank: 2295	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 943 s.tribalfusion.com — Cisco Umbrella Rank: 2571	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1074	1 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 439 fonts.googleapis.com — Cisco Umbrella Rank: 81	126 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 731	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 692	645 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 448	728 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 575	1 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 773	384 B
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1597 hde.tynt.com — Cisco Umbrella Rank: 5319	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 5527	486 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1613	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	43 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 485	575 B
1	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 667	441 B
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 12475	792 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 524	680 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 1676	112 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 828	574 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1100	310 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 838	736 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 942	191 B
1	cpx.to s.cpx.to — Cisco Umbrella Rank: 2606	945 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1171	750 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 548	698 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1257	574 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 849	815 B
1	licensebuttons.net licensebuttons.net — Cisco Umbrella Rank: 30416	1 KB
1	creativecommons.org 1 redirects i.creativecommons.org — Cisco Umbrella Rank: 33980	314 B
205	54

	Domain	Requested by
31	pbs.twimg.com	www.threatminer.org platform.twitter.com
27	www.threatminer.org	www.threatminer.org
19	router.infolinks.com	2 redirects resources.infolinks.com router.infolinks.com r.casalemedia.com
18	cm.g.doubleclick.net	10 redirects eus.rubiconproject.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	www.threatminer.org pagead2.googlesyndication.com blank googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	dsum-sec.casalemedia.com	2 redirects r.casalemedia.com googleads.g.doubleclick.net
7	s0.2mdn.net	www.threatminer.org googleads.g.doubleclick.net s0.2mdn.net
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	data.ad-score.com	js.ad-score.com
7	ssc-cms.33across.com	7 redirects
7	resources.infolinks.com	www.threatminer.org router.infolinks.com resources.infolinks.com
6	abs.twimg.com	www.threatminer.org platform.twitter.com
6	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	match.adsrvr.org	6 redirects
6	platform.twitter.com	www.threatminer.org platform.twitter.com
5	token.rubiconproject.com	3 redirects eus.rubiconproject.com
5	events-ssc.33across.com	hde.tynt.com eus.rubiconproject.com
5	pixel.tapad.com	3 redirects router.infolinks.com resources.infolinks.com
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	s.amazon-adsystem.com	2 redirects r.casalemedia.com eus.rubiconproject.com
4	ups.analytics.yahoo.com	4 redirects
4	image8.pubmatic.com	4 redirects
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	js.ad-score.com	resources.infolinks.com js.ad-score.com
3	sync.1rx.io	3 redirects
3	rt3043.infolinks.com	resources.infolinks.com www.threatminer.org
2	googleads4.g.doubleclick.net	www.threatminer.org
2	rtb2-useast.e-volution.ai	2 redirects
2	c.us1.dyntrk.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	33across-match.dotomi.com	2 redirects
2	eus.rubiconproject.com	hde.tynt.com eus.rubiconproject.com
2	um.simpli.fi	2 redirects
2	ap.lijit.com	2 redirects
2	ad.360yield.com	2 redirects
2	eb2.3lift.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	u.openx.net	2 redirects
2	image4.pubmatic.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects r.casalemedia.com
2	syndication.twitter.com	platform.twitter.com www.threatminer.org
2	www.google-analytics.com	www.threatminer.org www.google-analytics.com
1	secure.adnxs.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s0.2mdn.net
1	dsp.adkernel.com	1 redirects
1	cs.media.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	id.rlcdn.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	cms-xch-chicago.33across.com	hde.tynt.com
1	sync.mathtag.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	d.adroll.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	sync.taboola.com	1 redirects
1	imasdk.googleapis.com	resources.infolinks.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	api.intentiq.com	resources.infolinks.com
1	sync1.intentiq.com	router.infolinks.com
1	sync.intentiq.com	1 redirects
1	p.rfihub.com	1 redirects
1	pixel.advertising.com	1 redirects
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	r.casalemedia.com	router.infolinks.com
1	hde.tynt.com	router.infolinks.com
1	de.tynt.com	1 redirects
1	licensebuttons.net	www.threatminer.org
1	i.creativecommons.org	1 redirects
205	84

This site contains links to these domains. Also see Links.

Domain
medium.com
github.com
uk.linkedin.com
www.twitter.com
creativecommons.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.google.ca GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-06-23` - `2023-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.threatminer.org/
Frame ID: D9786A7DA09817EAF8C2B5901A3A6AFB
Requests: 66 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.threatminer.org
Frame ID: EC1EA22E95B665EB0B4EF39C6367A45A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: B47897D9E134BE7CF1221454DE59BF4F
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Frame ID: F60F4B4AB0634BE40A7FB9991F3B6CC6
Requests: 17 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 79703833D9C97F703E25AFC3DCF02989
Requests: 6 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: B0F65CDD9B6BC333C616E4B2534155D0
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 5E5EF602B1BFB5FF398C963C0ED7DAD1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E30F7D5998FD11607C362D93BE44AA84
Requests: 12 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000102
Frame ID: C8753BA7FFF515B00ED7F326767CD39B
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 89E2D204FD53EDA9669A483591AC9436
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1547032184371814401/8vp-kf5v?format=png&name=800x419
Frame ID: 8025D418FCFF0C88741E457852EDF0CF
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: C480E3D0B5FBB7C529483B8723EF2991
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191
Frame ID: 82D11456825212F007CE7ECD6A134C77
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWzIBDJj_EBGMSLmLgBMAE&v=APEucNWROLIrXbQyTEsFMn8IT6jARAgZfEyagLxqjylMp5aRL6t-MyAp_Tz-vlKXkOTHf5DG_DXuaaQY5yONgYQKh01-gXmwKQ
Frame ID: 8B5366DC988229AF0B150A17644E7745
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DC203EE1E60FBFFA0E4EE9CB7AC57A7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E9E9F92940329B58889E6A2040E8A8C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/43633015336519909/index.html
Frame ID: 6DC3EE6C05903C7D37119A9D4DB4C3B1
Requests: 7 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 68B5C996CDA402D3B92EE69CAA040A9E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 237CE4C36D0BF87D3ED13D397280E144
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA671F6001858DD913C1ABB3F4931C2D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ThreatMiner.org | Data Mining for Threat Intelligence

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

205
Requests

75 %
HTTPS

32 %
IPv6

54
Domains

84
Subdomains

41
IPs

4
Countries

3316 kB
Transfer

7993 kB
Size

96
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/@threatminer
Title: Blog

Search URL Search Domain Scan URL

URL: http://github.com/threatminer
Title: ThreatMiner Github Github.com/threatminer

Search URL Search Domain Scan URL

URL: https://uk.linkedin.com/in/michaelyiphw
Title: Find Mike on LinkedIn Linkedin.com/michaelyiphw

Search URL Search Domain Scan URL

URL: https://github.com/APTnotes
Title: APTNotes repository

Search URL Search Domain Scan URL

URL: https://www.twitter.com/kbandla
Title: @kbandla

Search URL Search Domain Scan URL

URL: https://www.twitter.com/beast_fighter
Title: @beast_fighter

Search URL Search Domain Scan URL

URL: https://www.twitter.com/threatminer
Title: @threatminer

Search URL Search Domain Scan URL

URL: https://github.com/threatminer/ioc_parser
Title: modified version

Search URL Search Domain Scan URL

URL: https://github.com/armbues/ioc_parser
Title: IOCParser

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://i.creativecommons.org/l/by/4.0/80x15.png HTTP 301
https://licensebuttons.net/l/by/4.0/80x15.png

Request Chain 41

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

Request Chain 42

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 44

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU3QjU4QzAtMUQzMC00ODBBLThERjYtQzUyQTAyMDRCNDE5&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU3QjU4QzAtMUQzMC00ODBBLThERjYtQzUyQTAyMDRCNDE5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D857B58C0-1D30-480A-8DF6-C52A0204B419 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=857B58C0-1D30-480A-8DF6-C52A0204B419 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=857B58C0-1D30-480A-8DF6-C52A0204B419 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=857B58C0-1D30-480A-8DF6-C52A0204B419 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

Request Chain 45

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=2103653450280440149

Request Chain 46

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://router.infolinks.com/dyn/ox-usync?uid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b

Request Chain 47

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-~A

Request Chain 48

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1658160084876 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7678868077 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7678868077 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3ca3d77c-4238-4451-8e6f-3fbe3883ea89 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005

Request Chain 49

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=LoNgUlNCh_6w1Ya2HBrW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVGG6TTHKVWE4Q3IL43HOMKZMEZEQQTSK4 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVGG6TTHKVWE4Q3IL43HOMKZMEZEQQTSK4 HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=LoNgUlNCh_6w1Ya2HBrW

Request Chain 50

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
https://router.infolinks.com/dyn/tplift?uid=3945146070236113866468

Request Chain 51

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
https://router.infolinks.com/dyn/sonobi-usync?uid=7385d38b-53e7-4b2e-8bb0-ba7a4f69c353

Request Chain 52

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.threatminer.org%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2F&pid=12306&adnxs_uid=2103653450280440149

Request Chain 53

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://router.infolinks.com/dyn/imd-usync?user_id=56d8d311-92e5-4c9c-b3e2-2aa503087ebe&partner_id=1531

Request Chain 54

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-8XE4HWRE2uG03x5kt9iM4E2G1.I1VveQ~A

Request Chain 55

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=E_zhaLZHj_4-UmqGTAy5lbzf

Request Chain 56

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D857B58C0-1D30-480A-8DF6-C52A0204B419 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=857B58C0-1D30-480A-8DF6-C52A0204B419

Request Chain 57

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=969751681128638854

Request Chain 58

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
https://router.infolinks.com/dyn/33a-usync?uid=211878319039908

Request Chain 59

https://router.infolinks.com/dyn/iq-usync HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1634346717&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1634346717&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b&ckls=true&ci=PJseZgpxwl&nc=false&trid=1278181544

Request Chain 70

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&dcc=t

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK2qHCooJyjOsW0xE7kcnVA&google_cver=1

Request Chain 72

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&expiration=1660752085&gdpr=0&gdpr_consent=

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YtWD1EyL75q2p0BX64B61QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpsBWSEXU5fv6aA-CadiDY&google_cver=1

Request Chain 74

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D300CEEF4E4F4B6B9061CC65F3EC7F60

Request Chain 75

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAA%26550 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fd279604-bb3e-4a96-a780-51d60756b961-tuct9cf0955

Request Chain 76

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nx9ozvneSlZl0Nz8EQlTRpU4mbg

Request Chain 77

https://d.adroll.com/cm/index/ssp HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 80

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 81

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=73380c73-8db9-486a-b2a2-ae6621273880&google_hm=NzMzODBjNzMtOGRiOS00ODZhLWIyYTItYWU2NjIxMjczODgw HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEErkzWrahUOc0_vzjkEluEA&google_cver=1&ssp=the33across&bsw_param=73380c73-8db9-486a-b2a2-ae6621273880 HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=73380c73-8db9-486a-b2a2-ae6621273880 HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=73380c73-8db9-486a-b2a2-ae6621273880&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 82

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1658160085093.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d47b62d5-83d5-4b00-a34c-27126a11af59

Request Chain 83

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h~A HTTP 302
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h%7EA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 84

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4ff9ae0dcbe21228&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGckJNV5VzOAM1AmRGAAAAAAA&expiration=1658246485&is_secure=true&us_privacy= HTTP 302
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGckJNV5VzOAM1AmRGAAAAAAA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 85

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1660752085%26external_user_id%3D3ca3d77c-4238-4451-8e6f-3fbe3883ea89 HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660752085&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89

Request Chain 147

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L5QXPB38-25-18O2 HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=L5QXPB38-25-18O2 HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5QXPB38-25-18O2&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 152

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGEwMzdmNjNkOTk2YzA3ZDMzYzFiZWNkMWQ4ZDViMmViYTJjOWMwZg

Request Chain 153

https://id.rlcdn.com/709414.gif HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 154

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&gdpr=0&gdpr_consent=&expires=30

Request Chain 155

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5QXPB38-25-18O2

Request Chain 156

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/8GWchDZna3zHQigWLM8vQ8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7368688350242285919

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7zzZEXe3HoZMqbeTpObhU&google_cver=1

Request Chain 158

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8RqXiAAMSdmk02Sp8O2r2Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8RqXiAAMSdmk02Sp8O2r2Q

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1

Request Chain 168

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtWD1EyL75q2p0BX64B61QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEARdHLBdMt8hRDPlWWYBxsY&google_cver=1

Request Chain 170

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzY1MzQ1MDI4MDQ0MDE0OQ%3D%3D

Request Chain 177

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_cver=1&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5gInIVzxJN_Q19-MAJtr5BqzwZL3M0vXPggHd5yWUOT6Gz HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6a044983b801228&is_secure=true&networkId=14000&version=1&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_cver=1&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5gInIVzxJN_Q19-MAJtr5BqzwZL3M0vXPggHd5yWUOT6Gz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcvgzj0WTUANVk1M6AAAAAAA&expiration=1658246487&google_cver=1&is_secure=true&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5gInIVzxJN_Q19-MAJtr5BqzwZL3M0vXPggHd5yWUOT6Gz

Request Chain 178

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 179

https://um.simpli.fi/gp_match?google_gid=CAESECf7yrCSU3vRH8sD7Pkaj6g&google_cver=1&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYnJVCrsERFG63S1Vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D300CEEF4E4F4B6B9061CC65F3EC7F60&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYnJVCrsERFG63S1Vg

Request Chain 180

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELOskn4IzETMnSCmUKghcWo&google_cver=1&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg HTTP 302
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELOskn4IzETMnSCmUKghcWo&google_cver=1&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg&prevuid=04030002_62d583d729f5e&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg&google_hm=MDQwMzAwMDJfNjJkNTgzZDcyOWY1ZQ%3D%3D

Request Chain 181

https://cs.media.net/cksync?type=g&google_gid=CAESEBNqj_81MI8f2T1exL28iko&google_cver=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV8of0-6OHQUEHeTo_v8J2cZXF7hDAX8qPG70086BFxMB3v_lCVlIRh0w1mrihbkmqnVfi5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&mn_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV8of0-6OHQUEHeTo_v8J2cZXF7hDAX8qPG70086BFxMB3v_lCVlIRh0w1mrihbkmqnVfi5&gdpr=&gdpr_consent=

Request Chain 182

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESED5kamVFxgl0uSBExzJXXkk&google_cver=1&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0 HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESED5kamVFxgl0uSBExzJXXkk%26google_cver%3D1%26google_push%3DAehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0 HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A105239681445290219&exchange=193&google_gid=CAESED5kamVFxgl0uSBExzJXXkk&google_cver=1&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEwNTIzOTY4MTQ0NTI5MDIxOQ&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0

Request Chain 200

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=877faace-9555-4473-99f5-a929aeb63e0e=&partner_id=3337 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De985233e-0b71-41eb-b1df-cd55d35de6c6%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2103653450280440149&pt=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

205 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.threatminer.org/ 23 KB
7 KB 175ms
121ms Document
text/html 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86787b8b795723ffc526ce4670bbeeb5e625969fc4f4c43efbdaf4b412d4b896

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 72cc6f8bfa004bcb-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Jul 2022 16:01:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtzv4EM9s3bSrhLd9PDPQzr7iMIYdpIucTvY%2Fwwg04kb1xbLbqJRKlpKT2UkakJgRrffMe0J6sM6RCppmO74XZ7HNpeHRMYv3yoG%2F48RvkufQLGptmRP8U44DvYRfg1WYVDEg8%2FyXFoenY00ThT%2F88s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/ 115 KB
20 KB 35ms
30ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 982
etag: W/"1ca39-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucv%2F%2BuJdu7DZeK5h%2FV9ejenuk3bm3lMJjFoXzG9jnariktr5MraL2ub8zwe9b2PUelq1GE20Bj8O%2Bt2nLgQN24PXlQOBZLZtog4GsVkll3TxTEjFsYulp4igp2LS8cHLLKtDkn4J5SIkb79AzySwckE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8cdb334bcb-YUL

GET
H2 200 metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/ 781 B
660 B 30ms
26ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 982
etag: W/"30d-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C60gGU4QtxofGldY60ESlRPRSWYjxd3xu6NlTrWl69LBBGK8YRXqIA%2BxCQbNcutfCpl6SMTjouPSMZVDSq%2Bza4hdiaCfMOpvb39S1%2BDgRmTRQyALz4PX4cwpb%2Flz9Q%2F%2Bys%2F3GIM2CeM0LA7PDifgu7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8cdb344bcb-YUL

GET
H2 200 dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 6 KB
2 KB 26ms
22ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 982
cf-polished: origSize=7616
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: W/"1dc0-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7dubWi4EveQznUkM5IYO5VrgeSB60kmAKnTSYdE%2BGpgh4QsCrhyP1GXzLCpUmZVgVw5PL6R5MlqigLLiVmGqghVwiCu7aVzyw7XIPr0jEZa%2FscVmm2QxsmvOmCOfKbF%2B1OrSgYP1U6Pq6wSBZnbh0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 72cc6f8cdb374bcb-YUL
cf-bgj: minify

GET
H2 200 dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/ 3 KB
898 B 31ms
28ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 982
cf-polished: origSize=3051
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: W/"beb-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4Bfkum6ulyWzHSUXeYGdMJwCoaGFkm0IeewFQdPkZOUhEE05PxpHQpDIIHbNCOBTRbI0gNQJUSa6eAzg%2BGf%2Bzqhe%2F2XvmPMWzrrlZFP54q2o5kwrrdxtAoKrTc6i7voX4gTIjAgY%2BldzGzUU1YGt2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 72cc6f8cdb394bcb-YUL
cf-bgj: minify

GET
H2 200 buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 8 KB
2 KB 35ms
32ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:08:48 GMT
server: cloudflare
age: 982
etag: W/"1f58-54e761fab9800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqAwCywtu2owvpBb5Ca%2FxrbAzZnqeejeAyO4o1Er7fZoJU9H85fHZVxna39hFesnsGJIIYDx3jbzmuaBS0tNdXZlCcedlVfF7qW7xYqINUj1ovMKqrmHRb049tgBiWDMCXUp8Mmdookcs1WRO7pwjlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8cdb3b4bcb-YUL

GET
H2 200 buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 2 KB
752 B 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:02:52 GMT
server: cloudflare
age: 982
etag: W/"626-54e760a737700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27O3J4WhMxLRjbNup0JfZBWx2x3iv8BNq8hWrw0yZoSFnzY30E9F%2FB6vYZNwrKhqguxRgADJgRjzvRnBGzj0wT2MkeHTBXCkuiTxKIMX98JYIJ69XXz3JXjdRZHQ72otSIj258JKsEeIoMN%2B3XpzBiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8cdb3c4bcb-YUL

GET
H2 200 sb-admin-2.css
www.threatminer.org/dist/css/ 4 KB
2 KB 21ms
18ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
cf-polished: origSize=5638
last-modified: Sat, 02 Jan 2021 17:59:17 GMT
server: cloudflare
etag: W/"1606-5b7ee9d93cc8e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi%2BWpkIeNPM0QYYimfUaazCv9XSDZwCc5%2FxVcOC7ESjPixIpp6HNgprsiw9UOwts42t1CkNYokwBBdK742xR18QIuzLivy1wcEJOOgfWRaJrFGPuOAHrFHHF33xidKVKKEod40hNlaPyINY2VO5ocCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 72cc6f8cdb3d4bcb-YUL
cf-bgj: minify

GET
H2 200 font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/ 21 KB
5 KB 36ms
34ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 981
etag: W/"55e0-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLVNVpxfSZ%2FRtnIc%2F49td%2FdDg%2BlmyUWzyt1256YOoemiTwtIQu7Qt3lhucfWz7L2uGPgslJyIZ%2BLzYNSQstNJk6C6eSlGkthQHGCxBP4JsELb1PHN8OC8PF1DoP%2BHtB2SAzDdVPdmf0Kjs%2F0umZ5GA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8cdb3e4bcb-YUL

GET
H2 200 social-share-kit.css
www.threatminer.org/dist/css/ 12 KB
3 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/social-share-kit.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
cf-polished: origSize=12273
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
etag: W/"2ff1-543c3d291af80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85s%2FdtzVmWcy6UBCouOAdAIZs%2FmgpaJKnW48SR10KGR0DNOy1rtbH%2Bmlx8Bjk8IDE0m94VU1jVIrVB6XF%2BzMb3fR%2BPR3tZlkrEPsK8BNoLYfQbmquGurFe2kCsiOzvgDtl8sOz%2BrFFS%2FofZCiED9N%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 72cc6f8cdb404bcb-YUL
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 132ms
71ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5758b2da00946327bdfc67f4f7581905ddeb02d077e25499015bd1d5dddff693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56775
x-xss-protection: 0
server: cafe
etag: 10757745281548534582
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 16:01:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 97ms
18ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D06) /
Resource Hash: d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 16:01:24 GMT
Content-Encoding: gzip
Age: 889
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29251
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 23:29:05 GMT
Server: ECS (nyb/1D06)
Etag: "6bd810ca00e69f1e65a4c1093054e30c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 logo.png
www.threatminer.org/images/ 19 KB
19 KB 140ms
132ms Image
image/png 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatminer.org/images/logo.png
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037a0d186faaac251c172199432d7ae417c92d92ad63380a94a2f51ddd7a6612

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=24506
content-length: 19345
last-modified: Sat, 14 Apr 2018 13:24:52 GMT
server: cloudflare
etag: "5fba-569cee9e79100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdBw75d6Jab0%2F5sTkJ%2FEnnMvZ17mQGGZV%2BZc5qWwOy0xf4Qh46akOB0eM8KSXb8cbYDoDdKoVnJ6UZvvYHGHbVojdqkvXBr5sg1bkzieBTLV99766XF86nvJqBk0QjL9669HG%2Byu3kP8%2Buh3EJCCWHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 72cc6f8d6c294bcb-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 ajax-loader.gif
www.threatminer.org/images/ 3 KB
3 KB 64ms
57ms Image
image/gif 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatminer.org/images/ajax-loader.gif
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 979
cf-polished: origSize=2608
content-length: 2599
last-modified: Sat, 17 Oct 2015 00:26:24 GMT
server: cloudflare
etag: "a30-52241f64ccc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqbF6%2BVAeamvSJXdbIdiAK%2Bj89mTH%2BAIJ12kX5SWBEkAVqFsvmJTe0exWlDojH3qkD2U4Au7kV4M5qpA6%2Bwvq0VEjNiG%2F%2BIAXrpvWKgPi4LrieqKbCJ2F9JaquufBpnA7UtkrmN%2FRH4cx3mAZlXkvX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 72cc6f8d6c2b4bcb-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 jquery-1.12.4.min.js Show response
www.threatminer.org/bower_components/jquery/dist/ 95 KB
34 KB 33ms
28ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:15:38 GMT
server: cloudflare
age: 982
etag: W/"17b8b-54e7561880e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkc58CZcCgk5UXZF8Gh6e3hENnH1yaKEzqY4YC8VhmA4Qwxl%2FOld4LU2a2xoY0rTwo79CU2BPQaFMC67LzBXTvU3aGirtGqZnFxaD7Bp11w7GA3RJ3vAG5rN0TLeYDgTd0sSUzFC7qFL7bDWNB5Tz3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d1bb04bcb-YUL

GET
H2 200 bootstrap.min.js Show response
www.threatminer.org/bower_components/bootstrap/dist/js/ 35 KB
10 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 982
etag: W/"8c6f-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMyj6OiemOaFax3jDjg9A0G1uOdtdI%2B80CVISjqBW5wRyVp7sbKf92qFP7sjecqtP1LFxcC9HODtK57AUxP6CRO3fU0eTDAbb6Ek5Cz3V6SkJBi8hLmJLqUluve%2FfEa7%2FXsrA1sG%2BC2ICVe75mxyHJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d1bb34bcb-YUL

GET
H2 200 metisMenu.min.js Show response
www.threatminer.org/bower_components/metisMenu/dist/ 2 KB
1 KB 31ms
19ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 982
etag: W/"757-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oVnikpqy27JvGxdN4K4x8hgLc2bhRDKwVvbMqapXaCeO2T0fBJQGaXm%2BUMvFAtAsmtKzCUS10xeKcOlcbqeObFFJ1eYxFrUj8zZh93J0q8TD%2Bd7lX%2BozHT1oysJjFvpN7x7wis0oHJx16%2FCX7F6ues%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3be74bcb-YUL

GET
H2 200 jquery.dataTables.min.js Show response
www.threatminer.org/bower_components/datatables/media/js/ 81 KB
29 KB 35ms
22ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:24:55 GMT
server: cloudflare
age: 982
etag: W/"14544-54e7582bb33c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PafpizvTmXfqN5avsZTzA9KkB7fUYIJgyyQgwg29Spos3hAV6S1IPJVu4%2FkGJcvOkiCE%2BwT8OB%2FO3FbXLM9kntYEX3WOsO3FINCPCPRP4aEjvWZUp89zVmcwW4grcFw%2BcUyM6OfhNoNMVv6C3LZeYmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bf44bcb-YUL

GET
H2 200 dataTables.bootstrap.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 2 KB
1 KB 32ms
19ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 982
etag: W/"796-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu2sXo9SELV8mlnHwwDLo6MOIqCSqXHEI9SyyxqhZXfsNktvEa09CgbO80KALyPLGmXdbmS58aDfpv35Tw7LJ8cLaNlaZHskZ9snICNTEoNe82YVZZkvSB2tGoMn8QlEJOk5aQog8%2BpDLM2f1EEESnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bf64bcb-YUL

GET
H2 200 dataTables.buttons.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 16 KB
6 KB 33ms
21ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:34:43 GMT
server: cloudflare
age: 982
etag: W/"4088-54e75a5c75ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnzQInaYufwAizZidtJepDC92bhrCbXCl8oGjHqA3skl1r5exgna%2BA9X6%2BWnQMjd10JzgJICDYkK5qlmCnJpNkuH2Sue458DRvoyBrNzfNKr7e0KikoXgtocKDIf0NUY7g9mb5wZ9%2Fkgw2dhxg8NLRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bf74bcb-YUL

GET
H2 200 pdfmake.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/ 1 MB
391 KB 56ms
44ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:06 GMT
server: cloudflare
age: 982
etag: W/"106721-54e74d7b9bc80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVwLS%2BWIMkQKfJXfqKyIZ9G8vcC0Cp0YF8hncKo0HqTbFoHDpirEuFe5cFIkGirhLlEuS0llRQP0NcabMCjN7%2BxMzzKDLNoLxOScVvz3ZVmctvDAkeCJsJe4w5gCEYeu0ngh1M%2Bd62HCTS%2FcP1IfnYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bf84bcb-YUL

GET
H2 200 jszip.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/ 100 KB
31 KB 39ms
27ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:36:59 GMT
server: cloudflare
age: 981
etag: W/"18e33-54e74d74eecc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I1%2Bpfl4eOn%2BHjYrlVaHZ%2Bed6MSV8aRM0%2BhYDCm2TZww%2BY%2FyeXOgFT9enX3h%2B5qgUL5XLW0Qro%2F0av4Eb5aDU6M5193NpbTJd%2BHQalJK1XHtjfXeb0KZ8g8Bdc82eW8uq9gwcsJi2aOpaJCOC1MBOxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bfa4bcb-YUL

GET
H2 200 vfs_fonts.js Show response
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/ 933 KB
454 KB 35ms
24ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
cf-polished: origSize=955603
last-modified: Mon, 01 May 2017 11:37:11 GMT
server: cloudflare
etag: W/"e94d3-54e74d80607c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agtc%2BE1dABMmW2J%2BQyA5%2FCNRTyzidh7lxEFyYJRKYCCCfMXSwvAXod5FFeuFRrKCLNhupXreguAL6WesF6s5S%2F1MRzt9s5MF8ZR1OQ3UuQJAIWrUOO63MWEsec0bWub%2FF%2B%2BW6MyuEX0AuOC9LA8bK4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 72cc6f8d3bfc4bcb-YUL
cf-bgj: minify

GET
H2 200 buttons.html5.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 23 KB
6 KB 40ms
29ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:16 GMT
server: cloudflare
age: 981
etag: W/"5b7a-54e74d8525300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K41SL%2Br7%2B548eDYIFu2dvoefoyGkhfAQvgYUPX6RpplYOB4FleDRymsFoMmO9CL69pmeXsWlqQFqwXOp5TruJe8Ev0fvABJKincJF3gGH7TrqMR1%2F8sTDmnQd%2Bz0SK4ZAoeuaVFWpgSMM6RBIkIisx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bfe4bcb-YUL

GET
H2 200 sb-admin-2.js Show response
www.threatminer.org/dist/js/ 756 B
858 B 43ms
33ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
cf-polished: origSize=1181
last-modified: Sat, 25 May 2019 17:16:01 GMT
server: cloudflare
etag: W/"49d-589b97821f640-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAoV60SN%2FxZjY4v4OdIA5ghTRLTR8u8opLiujQ1Q10GlAX94EgadD86OUTCswNtd9Fcf0vPsWCe8sjORlTg7uX75SOL92YA2fd56yn2idUgFqqnuXBX2i3TPJUt8PR7vlhhqJ%2FKRHMxRXv%2B%2B6%2BvkaaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 72cc6f8d4c004bcb-YUL
cf-bgj: minify

GET
H2 200 tm_utility.js Show response
www.threatminer.org/dist/js/ 8 KB
2 KB 30ms
20ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/tm_utility.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
cf-polished: origSize=10497
last-modified: Mon, 22 Nov 2021 16:06:03 GMT
server: cloudflare
etag: W/"2901-5d162cd378793-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSlLxSW4%2Fh3iE1hgPyrm9Dg7vHPMm3dSo8O%2FD71STEOSEkYoKuHTX6bwKrg5v0cE65y4U6z%2B4yj87QbTJzxg34i886Kmk1LgGlSzvI0y6l7EFqsXwPz4%2FGfHQcTEoeoJs5jz2rNpp5vT49aifC5fWCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 72cc6f8d4c014bcb-YUL
cf-bgj: minify

GET
H2 200 social-share-kit.min.js Show response
www.threatminer.org/dist/js/ 6 KB
3 KB 73ms
64ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 16:07:52 GMT
server: cloudflare
age: 981
etag: W/"179c-583ab8aa0e600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6D1VmUC6OZ1sYyeBUn3v0f7goxH27djZe4vNYI7uF6rQ3nvwjux3%2F9wMgRqUXAzGZWSQ6Lb5dmedHxQP77mwqUeP3cV80NckUOtagihvidugELsz73d2C4WL4Yg4KUaL9jhGsL6K4LI6qGlY2PDViU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d6c264bcb-YUL

GET
H2

200

80x15.png
licensebuttons.net/l/by/4.0/
Redirect Chain

https://i.creativecommons.org/l/by/4.0/80x15.png
https://licensebuttons.net/l/by/4.0/80x15.png

430 B
1 KB

64ms
21ms

Image
image/png

2606:4700:20::681a:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by/4.0/80x15.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Server

2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4627
cf-polished: origSize=640
vary: Accept-Encoding
content-length: 430
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
x-frame-options: deny
etag: "5eab4a31-280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BmLgIb8ZXaaw%2BaSx6Crb9ZJZQScFzPcqUgBzSly7JKtkC8hXzZ08gB0eLO3gn9Rq5eoHIYkVfOwUvhVtgsExv6nGF0hefZZO5tsauIN8bJY0KaNynSluwobqq0JqoUf206DuAgUxBCR2g0bAfO82A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 72cc6f8e2c9e7150-YUL
cf-bgj: imgq:100,h2pri

Redirect headers

date: Mon, 18 Jul 2022 16:01:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 734
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: deny
content-type: text/html
location: https://licensebuttons.net/l/by/4.0/80x15.png
cache-control: max-age=432000
strict-transport-security: max-age=15768000
cf-ray: 72cc6f8d8b9a713e-YUL
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 122ms
58ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f881678cd7ea23247e6eb88a0c774d01ff6107c5c827d4efcf4068f9247e2de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f8d9d60a1ec-YYZ
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 18 Jul 2022 11:13:52 GMT
server: cloudflare
age: 1369
etag: W/"da5-5e412768469c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 18 Jul 2022 16:38:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
13ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5193
date: Mon, 18 Jul 2022 14:34:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Jul 2022 16:34:51 GMT

GET
H2 200 fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/ 64 KB
64 KB 33ms
28ms Font
application/font-woff 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin: https://www.threatminer.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
age: 965
etag: W/"ffac-51434f58bfb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8g8wVnK7YiamWiv%2BAnsemY58dkqRjPyDJdRqbDF4EGqA7wQJwbZ0qioSoY9eu77cB2xE9ue2MFx%2BVNqxJ%2B05S9CtbGcPzipQua4%2BozIR2DG%2FLjkTUhYAhBrUeGMnqaIC7BkhzHk14xZTPQlrMveTkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72cc6f8d3bf14bcb-YUL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 34ms
34ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=979145999&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2F&ul=en-us&de=UTF-8&dt=ThreatMiner.org%20%7C%20Data%20Mining%20for%20Threat%20Intelligence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=99928256&gjid=1490465486&cid=1821415982.1658160084&tid=UA-73787980-1&_gid=1360987563.1658160084&_r=1&_slc=1&z=169287610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getReport.php Show response
www.threatminer.org/ 328 KB
36 KB 148ms
147ms XHR
text/html 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/getReport.php?e=report_list_container&t=0&q=2019
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dada584d793ffc15c23d2aed13eee4c4e652b7ab4151638aa884907d5d06c3cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRtafELqeopPpfG9im7J08P%2Bfvl910JtakF0u6VkMWlXACoI2CkpG0N25loUKRhMXgXDjZPQQMOSDYp55t4a5gWWW80Q7GbBRhnbiv%2BIeqWY1JQViBfMFfx0i9g8sIhR1fbwut50IYGqzbyEHDpEbC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 72cc6f8f8f5c4bcb-YUL

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1808.010-3.025/ 178 KB
55 KB 33ms
32ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26178f6915e0ed71ecd377899de1394d1961bb5aa8ae8fda3e24bfbb84140374

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f8f990fa1ec-YYZ
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 19:29:17 GMT
server: cloudflare
age: 1356
etag: W/"2c98f-5e33c1a08b74b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 17 Aug 2022 15:38:48 GMT

GET
H/1.1 200
OK widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html Show response
platform.twitter.com/widgets/ Frame EC1E 320 KB
104 KB 19ms
19ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.threatminer.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D22) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 328489
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 16:01:24 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Mon, 11 Jul 2022 22:43:33 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D22)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 94ms
51ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

488a66c0da8f8bae60746ab1a661bb27f0a98f57257e191ed317e2e176ab130b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122494
x-xss-protection: 0
server: cafe
etag: 2357345194503463397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 16:01:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame B478 10 KB
5 KB 71ms
19ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 35517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 06:09:27 GMT
etag: 10429905676100781186
expires: Mon, 01 Aug 2022 06:09:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EC1E 581 B
541 B 132ms
44ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0d334cbc65158457fa89b20eccf7a500509b89a2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.threatminer.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

fa8fe8f3b53ea62c1c66afb46a7da8bae3e4bbc322963e69aaac076ed49997e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 6
date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 16:01:24 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5f4bbcac43875db039007177b3f3adc34de01a758e56481307699587b67d7bd7
content-length: 261

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame F60F 9 KB
2 KB 76ms
62ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac23973c319ae64c627c297c301861412d27ac92543cc79d4be7d20872be618

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 72cc6f90db69a1ec-YYZ
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Jul 2022 16:01:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 263 B
299 B 79ms
72ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b5c77a1a7f7708db2e291f8ab3ee9d37897375701d04be14ad48fa26650aa8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72cc6f90db71a1ec-YYZ
p3p: CP="NON DSP NID OUR COR"
content-encoding: gzip
cache-control: no-store
content-type: application/javascript;charset=ISO-8859-1

GET
H2 200 gsd Show response
router.infolinks.com/ 321 B
525 B 62ms
58ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F&jsv=1808.010-3.025&_cb=16581600845930
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6101174ba6bad0042600262c2ef92379addadae159d413d54c92a8d8eb5001c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 72cc6f90db6ea1ec-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 doq.htm Show response
rt3043.infolinks.com/action/ 3 KB
2 KB 182ms
126ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3043.infolinks.com/action/doq.htm?pcode=utf-8&r=16581600847191
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7d17cbad41672bc5c1a54054125adae853880adc5a644b544c805b1ab31888

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-CA
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 72cc6f91eddda1ff-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame 7970
Redirect Chain

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

1 KB
2 KB

41ms
32ms

Document
text/html

67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: afffc2f9ff0ed0df74d2308d3308830f07b63bd1dd546a35d6fd7e17f74533b2

Request headers

Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1328
content-type: text/html
date: Mon, 18 Jul 2022 16:01:24 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Mon, 18 Jul 2022 16:01:24 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame B0F6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
2 KB

140ms
64ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd4aa0319777daf315b9f1ca50fa605f4c69b26e2f8ad482b672cdfd36c744b

Request headers

Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72cc6f933a65a253-YYZ
content-encoding: br
content-type: text/html
date: Mon, 18 Jul 2022 16:01:25 GMT
dropped-udsids: 241|230|39|45|90|26|123|105
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfrxr0L%2FwdQCphoOzPNIaFAEiX9aqeVaN8wiIjVIJH8Vm%2B9ooG6EGnnfJiEGP4bc4fhrGLtTLX67qGCcWAKoCjd061HD8FC2uitH9AmH%2BdQfRYb25rlvn%2FPoeLMadETCQjel"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72cc6f922bf4a1ea-YYZ
content-type: text/html; charset=iso-8859-1
date: Mon, 18 Jul 2022 16:01:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKuoSalDfMnHJ0VeksriHSLsVr9dInIMx%2F41KK4x2M8HDE2aty4o4mInnTKlsYr7gmV3JB9erlWV%2FgYCcl6Z4eDGWMHt0fjasFtB2wcC42WxhPtAeJgWhTJYgJw8v2hgMN%2BMN7HOOtovsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5E5E 2 KB
815 B 56ms
15ms Document
text/html 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame F60F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU3QjU4QzAtMUQzMC00ODBBLThERjYtQzUyQTAyMDRCNDE5&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU3QjU4QzAtMUQzMC00ODBBLThERjYtQzUyQTAyMDRCNDE5&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D857B58C0-1D30-480A-8DF6-C52A0204B419
https://router.infolinks.com/dyn/pbm-usync?uid=857B58C0-1D30-480A-8DF6-C52A0204B419
https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=857B58C0-1D30-480A-8DF6-C52A0204B419
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=857B58C0-1D30-480A-8DF6-C52A0204B419
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

95 B
113 B

41ms
41ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&ttd_puid=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=2103653450280440149

35 B
187 B

62ms
62ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=2103653450280440149
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92aec4a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:24 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c264e8f8-d12b-4780-baa7-10f561d9dcb2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=2103653450280440149
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ox-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://router.infolinks.com/dyn/ox-usync?uid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b

35 B
199 B

63ms
63ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ox-usync?uid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92bedaa1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://router.infolinks.com/dyn/ox-usync?uid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-~A

35 B
232 B

68ms
67ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92bed4a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-~A
date: Mon, 18 Jul 2022 16:01:24 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1658160084876
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7678868077
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7678868077
https://sync.1rx.io/usersync/tradedesk/3ca3d77c-4238-4451-8e6f-3fbe3883ea89
https://sync.targeting.unrulymedia.com/csync/RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005
https://router.infolinks.com/dyn/r1-usync?uid=RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005

35 B
205 B

58ms
58ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f974ee7a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005
Date: Mon, 18 Jul 2022 16:01:25 GMT
Connection: keep-alive
Content-Type: text/html
ETag: RX40b6749b6f6f44c8bd9e7db470ca8249005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://stags.bluekai.com/site/23178?id=LoNgUlNCh_6w1Ya2HBrW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TN...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVGG6TTHKVWE4Q3IL43HOMKZMEZEQQTSK4
https://router.infolinks.com/dyn/zmn-usync?uid=LoNgUlNCh_6w1Ya2HBrW

35 B
271 B

57ms
56ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=LoNgUlNCh_6w1Ya2HBrW
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f98188ca1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:25 GMT
P3p: CP="We do not support P3P header."
Location: https://router.infolinks.com/dyn/zmn-usync?uid=LoNgUlNCh_6w1Ya2HBrW
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 90
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

tplift
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
https://router.infolinks.com/dyn/tplift?uid=3945146070236113866468

35 B
245 B

60ms
59ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/tplift?uid=3945146070236113866468
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92aec7a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

location: https://router.infolinks.com/dyn/tplift?uid=3945146070236113866468
date: Mon, 18 Jul 2022 16:01:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sonobi-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
https://router.infolinks.com/dyn/sonobi-usync?uid=7385d38b-53e7-4b2e-8bb0-ba7a4f69c353

35 B
283 B

58ms
57ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sonobi-usync?uid=7385d38b-53e7-4b2e-8bb0-ba7a4f69c353
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92ef24a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-126
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=7385d38b-53e7-4b2e-8bb0-ba7a4f69c353
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame F60F
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.threatminer.org%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2F&pid=12306&adnxs_uid=2103653450280440149

95 B
945 B

404ms
97ms

Image
image/png

99.80.58.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2F&pid=12306&adnxs_uid=2103653450280440149

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F

Protocol

HTTP/1.1

Server

99.80.58.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-58-206.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Jul 2022 16:01:25 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Jul 2022 16:01:25 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:24 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8a603c48-dbf0-48c0-8321-0f142681273f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2F&pid=12306&adnxs_uid=2103653450280440149
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

imd-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://router.infolinks.com/dyn/imd-usync?user_id=56d8d311-92e5-4c9c-b3e2-2aa503087ebe&partner_id=1531

35 B
200 B

60ms
58ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/imd-usync?user_id=56d8d311-92e5-4c9c-b3e2-2aa503087ebe&partner_id=1531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f92bed1a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:24 GMT

Redirect headers

location: https://router.infolinks.com/dyn/imd-usync?user_id=56d8d311-92e5-4c9c-b3e2-2aa503087ebe&partner_id=1531
date: Mon, 18 Jul 2022 16:01:24 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://router.infolinks.com/dyn/outh-usync?uid=y-8XE4HWRE2uG03x5kt9iM4E2G1.I1VveQ~A

35 B
205 B

53ms
53ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-8XE4HWRE2uG03x5kt9iM4E2G1.I1VveQ~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f96de11a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-8XE4HWRE2uG03x5kt9iM4E2G1.I1VveQ~A
date: Mon, 18 Jul 2022 16:01:25 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=E_zhaLZHj_4-UmqGTAy5lbzf

35 B
196 B

74ms
73ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=E_zhaLZHj_4-UmqGTAy5lbzf
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f93f91da1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

Date: Mon, 18 Jul 2022 16:01:25 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=E_zhaLZHj_4-UmqGTAy5lbzf
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D857B58C0-1D30-480A-8DF6-C52A0204B419
https://router.infolinks.com/dyn/usersync?pmuservalue=857B58C0-1D30-480A-8DF6-C52A0204B419

0
163 B

64ms
64ms

Image
text/plain

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=857B58C0-1D30-480A-8DF6-C52A0204B419
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 72cc6f96fe2ba1ec-YYZ
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=857B58C0-1D30-480A-8DF6-C52A0204B419
date: Mon, 18 Jul 2022 09:12:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=969751681128638854

35 B
219 B

61ms
61ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=969751681128638854
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f942972a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=969751681128638854
Date: Mon, 18 Jul 2022 16:01:25 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

33a-usync
router.infolinks.com/dyn/ Frame F60F
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
https://router.infolinks.com/dyn/33a-usync?uid=211878319039908

35 B
185 B

55ms
54ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/33a-usync?uid=211878319039908
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f93f8fca1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://router.infolinks.com/dyn/33a-usync?uid=211878319039908
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame F60F
Redirect Chain

https://router.infolinks.com/dyn/iq-usync
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=44...

43 B
933 B

62ms
32ms

Image
image/gif

13.226.39.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1634346717&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b&ckls=true&ci=PJseZgpxwl&nc=false&trid=1278181544
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Server: 13.226.39.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-84.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
x-amz-cf-id: K1HbxctPI-Ng-LrbhKskA-3KfMhdXUCjgTIeFjLmdcYoH06NcUO-DA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=877faace-9555-4473-99f5-a929aeb63e0e&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1634346717&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=058b2e79-91c8-46d2-ba4e-df4bac9c5b0b&ckls=true&ci=PJseZgpxwl&nc=false&trid=1278181544
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
content-type: image/gif
content-length: 43
x-amz-cf-id: 4oyVYPwzjtBaiX23EbPyHS-TdQFBrqQsBMALP_MNQQIl3gcPQErgQw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iqusync-1.17.min.js Show response
resources.infolinks.com/static/usync/ 2 KB
1 KB 35ms
34ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/usync/iqusync-1.17.min.js
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b0bab835f1c9d35073860412074c375c341a1fc9f1f51e12b0931cc58438a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f91cd5aa1ec-YYZ
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 11:40:03 GMT
server: cloudflare
age: 6325
etag: W/"945-5dfd488bd0c04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 17 Aug 2022 14:15:59 GMT

GET
H/1.1 200
OK moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js Show response
platform.twitter.com/js/ 25 KB
8 KB 30ms
29ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1F) /
Resource Hash: 97f9b7cab9096a1f281f549f2933f26d0421725999c1c0b663d18a27ec602954

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 16:01:24 GMT
Content-Encoding: gzip
Age: 328489
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 8085
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 22:43:26 GMT
Server: ECS (nyb/1D1F)
Etag: "6eb1c1b6c98676595ef63fdeab0f96cf+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.ef1e579d99cb7409198460b5a0fa4ac6.js Show response
platform.twitter.com/js/ 21 KB
7 KB 54ms
22ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.ef1e579d99cb7409198460b5a0fa4ac6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D06) /
Resource Hash: 7eb0a8df21d2aa9f51970e9b5f2ba600511373d1d732e1ac07ee5ec2dd135dd4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 16:01:24 GMT
Content-Encoding: gzip
Age: 328488
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 6583
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 22:43:26 GMT
Server: ECS (nyb/1D06)
Etag: "4a1879769d9d9fbbce1a234be9cfbeed+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 267 B
1 KB 187ms
29ms XHR
text/html 13.226.39.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=877faace-9555-4473-99f5-a929aeb63e0e&iiqidtype=2&iiqpcid=560698a7-efc0-46f9-8839-c7d753e8b7bb&iiqpciddate=1658160084852&dbsaved=true&fbp=2503514552
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.17.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-8.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 3b09c4265e2034681aea0315c2b19a24b603c62f53b3ea95cd28d86d97298754

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: JtJzjibEpuXsvRKWwbADfEw3Y1bTK_TEPpgtI0X8ifQejmcA2GpSjg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 170 KB
15 KB 304ms
175ms Script
application/javascript 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ThreatMiner_old&dnt=true&domain=www.threatminer.org&lang=en&screen_name=ThreatMiner&suppress_response_codes=true&t=1842400&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2309907d3bc859fa64e8155ff293f450c595760d28413d5b33f810fd8baa40ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=156
content-length: 15298
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 122
last-modified: Mon, 18 Jul 2022 16:01:25 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 3782924314c420cd247d77d28f1576ec3667024f123b9f2a82ebcc5ae04f6f03
timing-allow-origin: *
x-transaction: 8368c1587cf29c3c
expires: Mon, 18 Jul 2022 16:06:25 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1808.010-3.025/ 222 KB
88 KB 32ms
32ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1808.010-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87142f934cfae0717a0d28f1c2393c09fddbf582458a3c1900e208806fe2d480

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f92bee7a1ec-YYZ
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 19:29:17 GMT
server: cloudflare
age: 1931
etag: W/"3760e-5e33c1a08da74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 17 Aug 2022 15:29:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 373 KB
125 KB 100ms
34ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d911b751cd99075ed5ea3e9315645314fe0e1254a321d2b545b19a6652d951a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127042
x-xss-protection: 0
expires: Mon, 18 Jul 2022 16:01:24 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 34ms
32ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f92ceeaa1ec-YYZ
date: Mon, 18 Jul 2022 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 5798
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 17 Aug 2022 14:24:46 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 333 KB
114 KB 157ms
21ms Script
application/javascript 2600:9000:21da:2600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:2600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb736b48143a122a9a15b8941e373c449d28b7d7db962b9446d47a0503a7d0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 16:09:09 GMT
Content-Encoding: gzip
Age: 85936
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Sun, 17 Jul 2022 16:09:09 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: aDMgNnr61ftQnK6zWrvw8FnK0A3qoJmlM16l5XQ1Hf_MOwDHOaI04w==
Expires: Mon, 18 Jul 2022 16:09:09 GMT

GET
H2 200 getads.htm Show response
rt3043.infolinks.com/action/ 1 KB
1 KB 365ms
363ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3043.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22conditions%22%2C%22scs%22%3A%22hmkcXbQYaq%22%7D%5D&rid=f8732582-4732-4a90-b375-f7c7f796d07d&jsv=1808.010-3.025&sr=1600X1200&rts=1658160084981&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=103.0.5060.53&dv=p&ce=t&purl=https%3A%2F%2Fwww.threatminer.org%2F&tzo=-0000&c=c&strg=true&rsd=9wjSwLSv7ruwlG-ZZP_t_ScQq1kePriUWMFsm9XzidPgjyYaE4dGFW2TkAIjWkGm7q9oOa3LmbcdQKPQTVsYmjsmH9tX1B4VRYAZSwjaFXnbALc60AJC9w8FeXluH8ZFnf34lHEtiBjtvKX2R6h5zrRw2tHMzUs7&rsk=70&rcs=kxky4c32w16jwZB1-lESVA&cuid=877faace-9555-4473-99f5-a929aeb63e0e&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e5b21b835aaffe82018bd0f5266769946e3206ea181352c6215ecfbfc7ea747

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-CA
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 72cc6f933fdfa1ec-YYZ
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B0F6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&dcc=t

43 B
932 B

49ms
48ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PCPWFFJNBBHYNFATYHHH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5E9HDN2WF06MWFT49KWE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YtWD1EyL75q2p0BX64B61QAAAiYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK2qHCooJyjOsW0xE7kcnVA&google_cver=1

43 B
945 B

83ms
59ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK2qHCooJyjOsW0xE7kcnVA&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f990fbd53f5-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54Sp13A5uMKSZjxQiuSCVpAme1OV4hfqy87H1nJpXzFNvGvSYKicUhxLqHqZbGakRHdekK8GTzDcw5kRDhLC1%2BftX20gkWfW4ILb%2FbnjjpcKmeJmtZylW%2BkKdi%2BQd2AvJLYuPlJWAw3%2FuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK2qHCooJyjOsW0xE7kcnVA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&expiration=1660752085&gdpr=0&gdpr_consent=

43 B
430 B

103ms
82ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&expiration=1660752085&gdpr=0&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f9418b5a208-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=306FD5Ac%2BmiBO5opl9pFGtwGtax8NiIU%2FBXbBrqZg8ze%2B1XJhX%2B8ukx5fzHi3uDnsdp6yaUHd1EZbvcVlQVTm3s4VEZenxAckbdOqFFHegPlcgFBw8RpIba67FRIWD70%2BsTuuHGo0M0m%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&expiration=1660752085&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YtWD1EyL75q2p0BX64B61QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpsBWSEXU5fv6aA-CadiDY&google_cver=1

43 B
904 B

66ms
65ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpsBWSEXU5fv6aA-CadiDY&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f98ea11a214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVL9sKXMmHE1rHIbW0jgKV5gPSx454fBPH6BehB2Kif6gZlgmrqb6%2F9n8eScFf9VryNlfRGK2sSKbanENuoyV7CiXBcr6%2FJcGN9xg8GkToexywe5PkUIWr%2BmFuwYoPgxl4G8BQ3ofQ3o3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpsBWSEXU5fv6aA-CadiDY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D300CEEF4E4F4B6B9061CC65F3EC7F60

43 B
911 B

88ms
77ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D300CEEF4E4F4B6B9061CC65F3EC7F60
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f971f1ea214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYGxYLMcBlAINvMzzsnGKvs%2BQ6P9lHsyfRtkVWSWH40VwdxjDpwvYhcEiaJdRd8jNi0a%2BDNwPdjmzYx32apgCcSY1%2BJr5Da31fLIpHCb1i8DPv%2BDOoSnfySL%2BW%2Bhp41JwpZZKWGl2G2z6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D300CEEF4E4F4B6B9061CC65F3EC7F60
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Jul 2022 16:01:25 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtWD1EyL75q2p0BX64B61QAA%26550
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fd279604-bb3e-4a96-a780-51d60756b961-tuct9cf0955

43 B
909 B

88ms
68ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fd279604-bb3e-4a96-a780-51d60756b961-tuct9cf0955
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f971f22a214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DfXESnxPYHNQJtfPjzPbhy6vmYLbrU0BpSiYVY%2BDd7%2FfCRmnlCfNi5nqeXFPk%2F6TDq5LNpZnirudW9uLZ6Y2CUJwXVcvZ6iKCPNDXRCbQa0IyaO3%2BLg5LRvu0zrTP7q845ifXBdtzLcDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fd279604-bb3e-4a96-a780-51d60756b961-tuct9cf0955
date: Mon, 18 Jul 2022 16:01:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17375

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nx9ozvneSlZl0Nz8EQlTRpU4mbg

43 B
905 B

113ms
91ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nx9ozvneSlZl0Nz8EQlTRpU4mbg
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f971f26a214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W72vcKRR6QsltkjjHAJiHAVXnrNtjaFoAr44b%2B5n3TdTzNhxY4sEA01oF0FAIgvLkdY6q4gAclUu%2BJx1no5G0GqVQdz3qUiwAwesXuRVtV747DQ51Yw6%2B7ZEdQp8gA1neZfP3%2FUeDYZPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nx9ozvneSlZl0Nz8EQlTRpU4mbg
Date: Mon, 18 Jul 2022 16:01:25 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://d.adroll.com/cm/index/ssp
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
943 B

80ms
54ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f971f2aa214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd7NKKV6hrQnGwBFNfjyZp0WgaFAFTzQOz%2BKeOKGGPFHxB3vrx98x6hhel6xdh6rJhW%2FR2KxIvHYeCGDCoKXjnwWD6vv7zF7YBbAkmgbw4dOs0QmrFtgxExVGvRwPBlPXZmGwPzfc0Zxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Mon, 18 Jul 2022 16:01:25 GMT
server: nginx/1.20.0
content-length: 76

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame B0F6 35 B
267 B 79ms
77ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YtWD1EyL75q2p0BX64B61QAA%26550
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 72cc6f93c899a1ec-YYZ
content-length: 35
expires: Sun, 18 Jul 2021 16:01:25 GMT

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 40ms
38ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f93f8f3a1ec-YYZ
date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
server: cloudflare
age: 6378
etag: W/"5344d-5d6649709d511"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 17 Aug 2022 14:15:07 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame E30F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
410 B

31ms
19ms

Document
text/html

23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Mon, 18 Jul 2022 16:01:25 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 18 Jul 2022 16:01:25 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H3

200

match
events-ssc.33across.com/ Frame 7970
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=73380c73-8db9-486a-b2a2-ae6621273880&google_hm=NzMzODBjNzMtOGRiOS00ODZhLWIyYTItYWU2NjIxMjcz...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEErkzWrahUOc0_vzjkEluEA&google_cver=1&ssp=the33across&bsw_param=73380c73-8db9-486a-b2a2-ae6621273880
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=73380c73-8db9-486a-b2a2-ae6621273880
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=73380c73-8db9-486a-b2a2-ae6621273880&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

51ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=73380c73-8db9-486a-b2a2-ae6621273880&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=73380c73-8db9-486a-b2a2-ae6621273880&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 7970
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1658160085093.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d47b62d5-83d5-4b00-a34c-27126a11af59

68 B
82 B

57ms
33ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d47b62d5-83d5-4b00-a34c-27126a11af59
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 18 Jul 2022 16:01:25 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d47b62d5-83d5-4b00-a34c-27126a11af59
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 18 Jul 2022 16:01:24 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 7970
Redirect Chain

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h~A
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h%7EA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
225 B

80ms
46ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h%7EA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ceGreVhE2uGdI7iicHpan0S0GvIsgz_h%7EA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 7970
Redirect Chain

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4ff9ae0dcbe21228&is_secure=true&networkId=78390&version=1&us_privacy=
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGckJNV5VzOAM1AmRGAAAAAAA&expiration=1658246485&is_secure=true&us_privacy=
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGckJNV5VzOAM1AmRGAAAAAAA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGckJNV5VzOAM1AmRGAAAAAAA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:25 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGckJNV5VzOAM1AmRGAAAAAAA&ts=1658160085&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame 7970
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1660752085%26external_user_id%3D3ca3d77c-4238-4451-8e6f-3fbe3883ea89
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660752085&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89

68 B
225 B

97ms
26ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660752085&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:24 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 40000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660752085&external_user_id=3ca3d77c-4238-4451-8e6f-3fbe3883ea89
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
722 B 615ms
44ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=19&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc1&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: aab2bc0c21b96bbb3ea7edb7be9a082bd0ebcca250b809728adc8c55ae01b7d9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:25 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.threatminer.org
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame C875 16 KB
7 KB 20ms
19ms Document
text/html 2600:9000:21da:2600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:2600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cd0fb5005d7e9a84f0c3823c930a2480a8b6f169b6f2d9fd21b55343e1af9a22

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 37663
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 05:33:42 GMT
Last-Modified: Sat, 16 Jul 2022 18:28:25 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wTJHcQ2xjfQ5OV5vc9b3C0z3PEn_fDE0oU5RZEXWbGpbfocLQp_EPg==
X-Amz-Cf-Pop: EWR53-C1
X-Cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame 89E2 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 96fbde62-9dc4-4417-80c1-cfb630b2f62e
https://www.threatminer.org/ 10 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.threatminer.org/96fbde62-9dc4-4417-80c1-cfb630b2f62e
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17d8be269a7c8c056019540e8184e4c95d349ff3d80253bd43923621b31f8d41

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 10517
Content-Type: text/javascript

GET
BLOB 200
OK ae08773a-ccbd-40c2-a9bd-8e65c8b85c4f
https://www.threatminer.org/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.threatminer.org/ae08773a-ccbd-40c2-a9bd-8e65c8b85c4f
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 329ms
165ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=452&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc2&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:26 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame E30F 31 KB
10 KB 21ms
20ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 29070b793b2232697084674a7d43185e557cb0ac536db29b206ff8f7e93e6882

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 20:44:25 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=57233
content-type: text/html; charset=UTF-8
content-length: 9451
expires: Tue, 19 Jul 2022 07:55:18 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 43ms
42ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=662&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc3&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:25 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 8vp-kf5v
pbs.twimg.com/card_img/1547032184371814401/ Frame 8025 24 KB
24 KB 60ms
43ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547032184371814401/8vp-kf5v?format=png&name=800x419

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D2A) /

Resource Hash

f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 481922
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 24299
x-response-time: 37
surrogate-key: card_img card_img/bucket/0 card_img/1547032184371814401
last-modified: Wed, 13 Jul 2022 01:34:29 GMT
server: ECS (nyb/1D2A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 541274b23587bbde4915b3fc644d19bc1293cd6b10040f973b2fa66eea39e829
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qXI3ybUo
pbs.twimg.com/card_img/1547957645008850945/ Frame 8025 22 KB
22 KB 37ms
20ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547957645008850945/qXI3ybUo?format=png&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D18) /

Resource Hash

f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 262782
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 22774
x-response-time: 154
surrogate-key: card_img card_img/bucket/4 card_img/1547957645008850945
last-modified: Fri, 15 Jul 2022 14:51:56 GMT
server: ECS (nyb/1D18)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b891cfa3f40251a04aec31b778fb164818713b70447fdb07f693417fd7747bc9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 rEIEkAx2
pbs.twimg.com/card_img/1546852123924733953/ Frame 8025 27 KB
27 KB 57ms
41ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546852123924733953/rEIEkAx2?format=png&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1A) /

Resource Hash

106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 524069
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 27527
x-response-time: 51
surrogate-key: card_img card_img/bucket/2 card_img/1546852123924733953
last-modified: Tue, 12 Jul 2022 13:39:00 GMT
server: ECS (nyb/1D1A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11da662bdee0fbe4243a70d4cc7a1bfb1583fdd0889b2ab0cfa5b308ef641a0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IKPD23q7
pbs.twimg.com/card_img/1547364779903569920/ Frame 8025 46 KB
46 KB 35ms
19ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547364779903569920/IKPD23q7?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D16) /

Resource Hash

7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 401007
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 46803
x-response-time: 59
surrogate-key: card_img card_img/bucket/2 card_img/1547364779903569920
last-modified: Wed, 13 Jul 2022 23:36:06 GMT
server: ECS (nyb/1D16)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5659b4f4c809cb2666aa9ab0449bd542dd114e4df33a88a0c56e26a5059caebc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f448.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 422 B
583 B 154ms
27ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f448.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/47B1) /

Resource Hash

4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 30267898
x-ton-expected-size: 422
x-cache: HIT
content-length: 422
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECAcc (nyb/47B1)
etag: "D3w7G3cLTZqaQU3X/K27SA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 83b3b78cc1ee574c20cda106fac3e6e861c7431fb6281763a45ffdaec6140aa6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 M49YQKG_
pbs.twimg.com/card_img/1548210647090966529/ Frame 8025 15 KB
15 KB 79ms
63ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1548210647090966529/M49YQKG_?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D16) /

Resource Hash

967e6da5d7c3c1c267d3677a9c4b157b622e598e290e3bd0751d278457e81776

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 199113
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 15317
x-response-time: 159
surrogate-key: card_img card_img/bucket/2 card_img/1548210647090966529
last-modified: Sat, 16 Jul 2022 07:37:17 GMT
server: ECS (nyb/1D16)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c8ed8c94ac3cf0a0957f545bd078dfc8ec9d111aaca748fb58621497bfdb761
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aYAO8Gxg
pbs.twimg.com/card_img/1546882348741844992/ Frame 8025 21 KB
21 KB 80ms
65ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546882348741844992/aYAO8Gxg?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D23) /

Resource Hash

5d502f1ae618be2d98cf4b6e4be84089704eccfa8b01199bdffcd366aeafff24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:25 GMT
x-content-type-options: nosniff
age: 516911
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 21615
x-response-time: 45
surrogate-key: card_img card_img/bucket/3 card_img/1546882348741844992
last-modified: Tue, 12 Jul 2022 15:39:06 GMT
server: ECS (nyb/1D23)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24fe7952075f7f952d4f2c24865cca34b5210d299bfbdcdfbee20560195bb134
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qpveFlTR
pbs.twimg.com/card_img/1547405946401456130/ Frame 8025 26 KB
26 KB 34ms
33ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547405946401456130/qpveFlTR?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1F) /

Resource Hash

edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 389928
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 26818
x-response-time: 42
surrogate-key: card_img card_img/bucket/1 card_img/1547405946401456130
last-modified: Thu, 14 Jul 2022 02:19:41 GMT
server: ECS (nyb/1D1F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6105ce21be38ff07e2b023d1ab983f6514fbb065af2df17e89912710856393dd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f602.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 1 KB
1 KB 153ms
28ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f602.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4736) /

Resource Hash

c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 4432891
x-ton-expected-size: 1095
x-cache: HIT
content-length: 1095
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECAcc (nyb/4736)
etag: "CskKXLmjEnqr5kggS5rnnQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d75aa0348efb3e6fe557f5d264dcfdfa729145121053e90a520262e4736c599d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 1f918.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 603 B
990 B 144ms
19ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f918.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4771) /

Resource Hash

13da23e323658067823edcbc9f6033522a57cbe4325eb72470ab93f6c77f5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 3914765
x-ton-expected-size: 603
x-cache: HIT
content-length: 603
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:57:56 GMT
server: ECAcc (nyb/4771)
etag: "SabOq57Qub/blwNeQOJr5w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7190c2ab0f7ddfb0cf3db9d4a685b408a5c2e8859b3746f80014e887752d4c67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 CClbIVFz
pbs.twimg.com/card_img/1546744444191375360/ Frame 8025 24 KB
25 KB 40ms
39ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546744444191375360/CClbIVFz?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D27) /

Resource Hash

558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 549287
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 24904
x-response-time: 98
surrogate-key: card_img card_img/bucket/0 card_img/1546744444191375360
last-modified: Tue, 12 Jul 2022 06:31:07 GMT
server: ECS (nyb/1D27)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4cd790777192a31b58b1f58a0aa0811cd8ec82c127b0b96004cf7c9f8331a534
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview.htm
rt3043.infolinks.com/action/ 0
143 B 112ms
111ms Image
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3043.infolinks.com/action/adview.htm?rid=f8732582-4732-4a90-b375-f7c7f796d07d&bdc=1&midx=0&emd=OTl-MTg0OQ&rts=1658160085962&prod_t=d&jsv=1808.010-3.025&skin=sidebar&theme=lightBlue&sdata=conditions&scs=hmkcXbQYaq&rsd=9wjSwLSv7ruwlG-ZZP_t_ScQq1kePriUWMFsm9XzidPgjyYaE4dGFW2TkAIjWkGm7q9oOa3LmbcdQKPQTVsYmjsmH9tX1B4VRYAZSwjaFXnbALc60AJC9w8FeXluH8ZFnf34lHEtiBjtvKX2R6h5zrRw2tHMzUs7&rsk=70&rcs=kxky4c32w16jwZB1-lESVA
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 72cc6f999aa4a1ec-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 8025 53 KB
12 KB 23ms
22ms Stylesheet
text/css 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 16:01:26 GMT
Content-Encoding: gzip
Age: 328491
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 22:43:24 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 27ms
26ms Image
text/css 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 16:01:26 GMT
Content-Encoding: gzip
Age: 328491
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 22:43:24 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame C875 0
564 B 20ms
19ms XHR
text/html 2600:9000:21da:2600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000102
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:2600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.ad-score.com/x.html?pid=1000102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 05:33:42 GMT
Content-Encoding: br
Connection: keep-alive
Last-Modified: Sat, 16 Jul 2022 18:28:25 GMT
Age: 37664
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: CALZW-NahvtncPxuPdxCwaAKOVe5iaM6tHVqPrmvVW4T87PoMcitFw==
Via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)

GET
BLOB 200
OK 3bcbb299-50b4-40fd-974b-425faac978d4
https://www.threatminer.org/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.threatminer.org/3bcbb299-50b4-40fd-974b-425faac978d4
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C480 165 KB
55 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

956eaa7438776d93a61d40d80717ad1ec60449ee7fe81c70166d0aff9fe6bb01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56568
x-xss-protection: 0
server: cafe
etag: 13515005862520339180
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 16:01:26 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 47ms
46ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=919&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc4&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:26 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E30F 284 B
934 B 180ms
35ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type: image/jpg

GET
H2 200 8vp-kf5v
pbs.twimg.com/card_img/1547032184371814401/ Frame 8025 24 KB
24 KB 69ms
41ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547032184371814401/8vp-kf5v?format=png&name=800x419

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D14) /

Resource Hash

f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 481923
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=22
content-length: 24299
x-response-time: 37
surrogate-key: card_img card_img/bucket/0 card_img/1547032184371814401
last-modified: Wed, 13 Jul 2022 01:34:29 GMT
server: ECS (nyb/1D14)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 541274b23587bbde4915b3fc644d19bc1293cd6b10040f973b2fa66eea39e829
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qXI3ybUo
pbs.twimg.com/card_img/1547957645008850945/ Frame 8025 22 KB
22 KB 92ms
65ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547957645008850945/qXI3ybUo?format=png&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D13) /

Resource Hash

f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 262783
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=33
content-length: 22774
x-response-time: 154
surrogate-key: card_img card_img/bucket/4 card_img/1547957645008850945
last-modified: Fri, 15 Jul 2022 14:51:56 GMT
server: ECS (nyb/1D13)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b891cfa3f40251a04aec31b778fb164818713b70447fdb07f693417fd7747bc9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 rEIEkAx2
pbs.twimg.com/card_img/1546852123924733953/ Frame 8025 27 KB
27 KB 112ms
86ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546852123924733953/rEIEkAx2?format=png&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1C) /

Resource Hash

106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 517829
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=68
content-length: 27527
x-response-time: 49
surrogate-key: card_img card_img/bucket/2 card_img/1546852123924733953
last-modified: Tue, 12 Jul 2022 13:39:00 GMT
server: ECS (nyb/1D1C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba35e1ec84b055a35bb1cc287cf0be8869e66b67ec22f9142d7487d17ab5290a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IKPD23q7
pbs.twimg.com/card_img/1547364779903569920/ Frame 8025 46 KB
46 KB 75ms
49ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547364779903569920/IKPD23q7?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1A) /

Resource Hash

7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 401008
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=24
content-length: 46803
x-response-time: 59
surrogate-key: card_img card_img/bucket/2 card_img/1547364779903569920
last-modified: Wed, 13 Jul 2022 23:36:06 GMT
server: ECS (nyb/1D1A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5659b4f4c809cb2666aa9ab0449bd542dd114e4df33a88a0c56e26a5059caebc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f448.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 422 B
494 B 58ms
33ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f448.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/47B1) /

Resource Hash

4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 30267898
x-ton-expected-size: 422
x-cache: HIT
content-length: 422
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECAcc (nyb/47B1)
etag: "D3w7G3cLTZqaQU3X/K27SA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 83b3b78cc1ee574c20cda106fac3e6e861c7431fb6281763a45ffdaec6140aa6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 M49YQKG_
pbs.twimg.com/card_img/1548210647090966529/ Frame 8025 15 KB
15 KB 94ms
69ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1548210647090966529/M49YQKG_?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D06) /

Resource Hash

967e6da5d7c3c1c267d3677a9c4b157b622e598e290e3bd0751d278457e81776

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 199114
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=34
content-length: 15317
x-response-time: 159
surrogate-key: card_img card_img/bucket/2 card_img/1548210647090966529
last-modified: Sat, 16 Jul 2022 07:37:17 GMT
server: ECS (nyb/1D06)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c8ed8c94ac3cf0a0957f545bd078dfc8ec9d111aaca748fb58621497bfdb761
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aYAO8Gxg
pbs.twimg.com/card_img/1546882348741844992/ Frame 8025 21 KB
21 KB 70ms
46ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546882348741844992/aYAO8Gxg?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D17) /

Resource Hash

5d502f1ae618be2d98cf4b6e4be84089704eccfa8b01199bdffcd366aeafff24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 516912
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=23
content-length: 21615
x-response-time: 45
surrogate-key: card_img card_img/bucket/3 card_img/1546882348741844992
last-modified: Tue, 12 Jul 2022 15:39:06 GMT
server: ECS (nyb/1D17)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24fe7952075f7f952d4f2c24865cca34b5210d299bfbdcdfbee20560195bb134
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qpveFlTR
pbs.twimg.com/card_img/1547405946401456130/ Frame 8025 26 KB
26 KB 84ms
58ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1547405946401456130/qpveFlTR?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D18) /

Resource Hash

edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 389928
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=33
content-length: 26818
x-response-time: 42
surrogate-key: card_img card_img/bucket/1 card_img/1547405946401456130
last-modified: Thu, 14 Jul 2022 02:19:41 GMT
server: ECS (nyb/1D18)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6105ce21be38ff07e2b023d1ab983f6514fbb065af2df17e89912710856393dd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f602.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 1 KB
1 KB 59ms
36ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f602.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4736) /

Resource Hash

c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 4432891
x-ton-expected-size: 1095
x-cache: HIT
content-length: 1095
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECAcc (nyb/4736)
etag: "CskKXLmjEnqr5kggS5rnnQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d75aa0348efb3e6fe557f5d264dcfdfa729145121053e90a520262e4736c599d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 1f918.png
abs.twimg.com/emoji/v2/72x72/ Frame 8025 603 B
677 B 61ms
38ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f918.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4771) /

Resource Hash

13da23e323658067823edcbc9f6033522a57cbe4325eb72470ab93f6c77f5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 3914765
x-ton-expected-size: 603
x-cache: HIT
content-length: 603
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:57:56 GMT
server: ECAcc (nyb/4771)
etag: "SabOq57Qub/blwNeQOJr5w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7190c2ab0f7ddfb0cf3db9d4a685b408a5c2e8859b3746f80014e887752d4c67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 18 Jul 2023 16:01:26 GMT

GET
H2 200 CClbIVFz
pbs.twimg.com/card_img/1546744444191375360/ Frame 8025 24 KB
25 KB 55ms
45ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1546744444191375360/CClbIVFz?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D16) /

Resource Hash

558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 549287
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=25
content-length: 24904
x-response-time: 98
surrogate-key: card_img card_img/bucket/0 card_img/1546744444191375360
last-modified: Tue, 12 Jul 2022 06:31:07 GMT
server: ECS (nyb/1D16)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4cd790777192a31b58b1f58a0aa0811cd8ec82c127b0b96004cf7c9f8331a534
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3UAW7s5h_normal.png
pbs.twimg.com/profile_images/653471756741685248/ Frame 8025 5 KB
5 KB 20ms
18ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/653471756741685248/3UAW7s5h_normal.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D16) /

Resource Hash

a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 430476
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 5151
x-response-time: 11
surrogate-key: profile_images profile_images/bucket/7 profile_images/653471756741685248
last-modified: Mon, 12 Oct 2015 07:24:22 GMT
server: ECS (nyb/1D16)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b85c58f63a8b4b44bd568f62b33aa5c84a4020679882f2acb4bc83ac16fdf45d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aMbi352I_normal.jpg
pbs.twimg.com/profile_images/1481284390932074499/ Frame 8025 3 KB
3 KB 21ms
19ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1481284390932074499/aMbi352I_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D20) /

Resource Hash

5f82d10b244c0811546fce6bc98e767655bceee2b7f41c6b41aef2e630a1ace8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 426173
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2567
x-response-time: 12
surrogate-key: profile_images profile_images/bucket/1 profile_images/1481284390932074499
last-modified: Wed, 12 Jan 2022 15:16:14 GMT
server: ECS (nyb/1D20)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1adb8baf7f8c6eb4dbc3ca0828a607458fb900c110cdce55ca9c22e581754cd4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5q1AbFXy_normal.jpg
pbs.twimg.com/profile_images/1346196937985433601/ Frame 8025 2 KB
3 KB 44ms
44ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1346196937985433601/5q1AbFXy_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D22) /

Resource Hash

91b4ac439a88193b25a302f46fc9a2b0c5455ca4b1f30b7406a541fbc6201200

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 5177
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=23
content-length: 2263
x-response-time: 10
surrogate-key: profile_images profile_images/bucket/0 profile_images/1346196937985433601
last-modified: Mon, 04 Jan 2021 20:46:55 GMT
server: ECS (nyb/1D22)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 413541a26fbebad724d67ebf90bb7e45c03479e9a55bd9a53ff48413b2a11cb5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 bMS2a9P1_normal.jpg
pbs.twimg.com/profile_images/1294860240299728897/ Frame 8025 2 KB
2 KB 19ms
18ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1294860240299728897/bMS2a9P1_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D08) /

Resource Hash

91ccad943b75171869dacbe5c42de58887b92a1d9fbc567651ade87e7193984d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 80173
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1883
x-response-time: 11
surrogate-key: profile_images profile_images/bucket/5 profile_images/1294860240299728897
last-modified: Sun, 16 Aug 2020 04:53:13 GMT
server: ECS (nyb/1D08)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9afc2ddca1647abac70a72216678c830ae5eada7878e400f0e8e12c1cf7be033
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XHt2EJFn_normal.jpg
pbs.twimg.com/profile_images/753748648085848065/ Frame 8025 2 KB
2 KB 20ms
20ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/753748648085848065/XHt2EJFn_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1DCD) /

Resource Hash

5a7b3090bd9f8835e6add21f9c4e519a19af8fcedb40d3e9488d0e5e23a2fe36

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 344543
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1807
x-response-time: 14
surrogate-key: profile_images profile_images/bucket/0 profile_images/753748648085848065
last-modified: Fri, 15 Jul 2016 00:28:56 GMT
server: ECS (nyb/1DCD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 023a812af66fe45aed15bf620d33738648e0066ca681954386ab6ef299295473
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xWoK6KuP_normal.jpg
pbs.twimg.com/profile_images/1463883343079088138/ Frame 8025 2 KB
2 KB 19ms
18ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1463883343079088138/xWoK6KuP_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D2F) /

Resource Hash

70f157c3fb7e1d05c83d4f8f269d9c6b67203e37863329eefc5202b97af308cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 182695
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2035
x-response-time: 73
surrogate-key: profile_images profile_images/bucket/3 profile_images/1463883343079088138
last-modified: Thu, 25 Nov 2021 14:50:41 GMT
server: ECS (nyb/1D2F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 31d8e341c98c500d986a22716237bb12e470b404345fbc3f3feb50e23c7ec1a7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5MAHUhST_normal.jpg
pbs.twimg.com/profile_images/1367943482053115905/ Frame 8025 2 KB
2 KB 25ms
25ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1367943482053115905/5MAHUhST_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D14) /

Resource Hash

28350b1ee2c38c7a5eb134d520dedd01ab578d81c2ebe814e63e5d212c6ab1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 25559
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2111
x-response-time: 10
surrogate-key: profile_images profile_images/bucket/0 profile_images/1367943482053115905
last-modified: Fri, 05 Mar 2021 20:59:55 GMT
server: ECS (nyb/1D14)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c68e51e9f183d05fd7b9cbdaf1e6a81756850581e316bc151bb4390a4ffb5a1c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Zpfst2wh_normal.jpg
pbs.twimg.com/profile_images/1165118373585403904/ Frame 8025 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1165118373585403904/Zpfst2wh_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1D) /

Resource Hash

999a740fc678f340320d75cf6083acc26c1d005b81d6819cc3af4598b328d503

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 264890
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1959
x-response-time: 82
surrogate-key: profile_images profile_images/bucket/6 profile_images/1165118373585403904
last-modified: Sat, 24 Aug 2019 04:25:21 GMT
server: ECS (nyb/1D1D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bd06585cb6dfc27d82bab883f7d5f5858c551917950582b10181a4126aff2301
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0YdvRUp3_normal.jpg
pbs.twimg.com/profile_images/1233771657581547523/ Frame 8025 2 KB
2 KB 22ms
21ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1233771657581547523/0YdvRUp3_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D17) /

Resource Hash

1de1b94f2eb27f99f30e3a3afdfc9db5333cca95520d2342b73ee5db60fd8bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 25559
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1959
x-response-time: 12
surrogate-key: profile_images profile_images/bucket/0 profile_images/1233771657581547523
last-modified: Sat, 29 Feb 2020 15:09:00 GMT
server: ECS (nyb/1D17)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dcd4f503a8490ceb814800b022a1536fc5dbad996245f7025bd49406f3e6b7d0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 PpXyevIF_normal.jpg
pbs.twimg.com/profile_images/817871248063610881/ Frame 8025 2 KB
2 KB 24ms
22ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/817871248063610881/PpXyevIF_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1DD2) /

Resource Hash

605eefd6f113ffc50e197d237861a4fbfefc52a781370ed5ad047e2e32632091

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 595700
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1883
x-response-time: 10
surrogate-key: profile_images profile_images/bucket/9 profile_images/817871248063610881
last-modified: Sat, 07 Jan 2017 23:09:15 GMT
server: ECS (nyb/1DD2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8818e395437d67f8481b4a1e75b2696fd4fa97f957fa72394a2733da622d97cf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E520b31VIAMiSRo
pbs.twimg.com/media/ Frame 8025 37 KB
38 KB 28ms
27ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E520b31VIAMiSRo?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D0F) /

Resource Hash

bdb581fa06f3f03a95aabe175a9d30c381faaf15cc34c35a0ff4c5cc13c45f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 415160
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 38316
x-response-time: 10
surrogate-key: media media/bucket/3 media/1413484249001304067
last-modified: Fri, 09 Jul 2021 13:02:40 GMT
server: ECS (nyb/1D0F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 19f748fb8c5b5a8868b8d60baea8f7bc82a7191a61870cfde560f0cfa0a10945
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 EJQs_KmUcAAujwA
pbs.twimg.com/media/ Frame 8025 31 KB
31 KB 37ms
18ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EJQs_KmUcAAujwA?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D22) /

Resource Hash

058b7f33a61ef0de50995d1e74f6d171f0923c3305824a47bf588c6c4cf2fd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 12207
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 31653
x-response-time: 8
surrogate-key: media media/bucket/9 media/1194629264848482304
last-modified: Wed, 13 Nov 2019 14:51:06 GMT
server: ECS (nyb/1D22)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aad0ad6a115c295121a77a9598fcf47fca4244ff93c7c5c91f54d2b9e9771e94
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D2wzfrBX4AEGE9H
pbs.twimg.com/tweet_video_thumb/ Frame 8025 3 KB
3 KB 38ms
19ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/D2wzfrBX4AEGE9H?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D22) /

Resource Hash

3d56f2bc68d9d190a05df1dc24bd2653eaff3c20660fa4e8b4fda71ebd8ada64

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 12207
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 3024
x-response-time: 13
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/1 tweet_video_thumb/1111319827271114753
last-modified: Thu, 28 Mar 2019 17:29:08 GMT
server: ECS (nyb/1D22)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae3c0cc31f57b68d52ce13c6f9c5e708115b8a165034269ae9d55eed5a569962
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D1ErO9GW0AQ_Cn_
pbs.twimg.com/tweet_video_thumb/ Frame 8025 4 KB
4 KB 24ms
20ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/D1ErO9GW0AQ_Cn_?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D14) /

Resource Hash

0df35dc4906a0b5425ab3e2dd3e7b4aee3c01734f8966c3f38aade193df6bbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 12207
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 4144
x-response-time: 10
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/9 tweet_video_thumb/1103710919601868804
last-modified: Thu, 07 Mar 2019 17:34:03 GMT
server: ECS (nyb/1D14)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fdec4f4dc0e29e255b3be655648b1b386938baa96b2f1f0dd0c6a29f7c856470
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D05-zlYXgAUGuMn
pbs.twimg.com/media/ Frame 8025 43 KB
43 KB 25ms
20ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D05-zlYXgAUGuMn?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D23) /

Resource Hash

4a2266339c6f702080a356cb4823f95f42dfb25eb49dc3b5f6d56711761379a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
age: 12207
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 43575
x-response-time: 11
surrogate-key: media media/bucket/5 media/1102958383425093637
last-modified: Tue, 05 Mar 2019 15:43:45 GMT
server: ECS (nyb/1D23)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0710d08ce5d2ff22ad625289bf287f99c62d8e274e65b425fd44c626437ddfcd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 48ms
47ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=1011&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc5&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:26 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 8025 44 KB
7 KB 180ms
29ms Stylesheet
text/css 2606:2800:21f:c0ec:d236:5e26:ab36:2d30
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46CB) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361968
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (nyb/46CB)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 9d28073cd3dbc1d37939d01f260ade06fce785235f91f906fbcf61870437bae6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 25 Jul 2022 16:01:26 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 179ms
32ms Image
text/css 2606:2800:21f:c0ec:d236:5e26:ab36:2d30
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46CB) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361968
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (nyb/46CB)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 9d28073cd3dbc1d37939d01f260ade06fce785235f91f906fbcf61870437bae6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 25 Jul 2022 16:01:26 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ Frame C480 340 KB
120 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49812b3dba48031423f0b9646344394167b607398857297c74a5c8ca5a2ea17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122487
x-xss-protection: 0
server: cafe
etag: 11649352232098118584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 16:01:26 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
379 B 164ms
145ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.threatminer.org%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3AThreatMiner%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658160086397%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%223235bd17138fa%3A1657578976990%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=0d334cbc65158457fa89b20eccf7a500509b89a2

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Mon, 18 Jul 2022 16:01:26 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5f4bbcac43875db039007177b3f3adc34de01a758e56481307699587b67d7bd7
x-transaction: 10cc476e12020723
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame E30F
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L5QXPB38-25-18O2
https://ssc-cms.33across.com/ps/?xi=1&xu=L5QXPB38-25-18O2
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5QXPB38-25-18O2&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5QXPB38-25-18O2&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
via: 1.1 google
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5QXPB38-25-18O2&ts=1658160086&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 40ms
40ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=1259&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc6&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:26 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame C480 107 B
792 B 209ms
74ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C480 107 B
549 B 166ms
59ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82D1 17 KB
10 KB 346ms
303ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb1d647e7832496154b78c2e32299f4da0f8a2764411c5f748e846a9b85bad95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9747
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 16:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E30F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGEwMzdmNjNkOTk2YzA3ZDMzYzFiZWNkMWQ4ZDViMmViYTJjOWMwZg

170 B
188 B

38ms
36ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGEwMzdmNjNkOTk2YzA3ZDMzYzFiZWNkMWQ4ZDViMmViYTJjOWMwZg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGEwMzdmNjNkOTk2YzA3ZDMzYzFiZWNkMWQ4ZDViMmViYTJjOWMwZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame E30F
Redirect Chain

https://id.rlcdn.com/709414.gif
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

28ms
24ms

Image
text/plain

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 18 Jul 2022 16:01:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E30F
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

103ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ca3d77c-4238-4451-8e6f-3fbe3883ea89&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E30F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5QXPB38-25-18O2

0
575 B

342ms
255ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5QXPB38-25-18O2
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 190DFC4096A940C08A751BCBE25BAAD0 Ref B: YTO01EDGE0422 Ref C: 2022-07-18T16:01:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkFnrzGPOFl/YYHio3qg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5QXPB38-25-18O2
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E30F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/8GWchDZna3zHQigWLM8vQ8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7368688350242285919

42 B
691 B

24ms
24ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7368688350242285919
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Content-Type: image/gif

Redirect headers

date: Mon, 18 Jul 2022 16:01:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7368688350242285919
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E30F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7zzZEXe3HoZMqbeTpObhU&google_cver=1

42 B
691 B

97ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7zzZEXe3HoZMqbeTpObhU&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7zzZEXe3HoZMqbeTpObhU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E30F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8RqXiAAMSdmk02Sp8O2r2Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8RqXiAAMSdmk02Sp8O2r2Q

43 B
556 B

30ms
30ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8RqXiAAMSdmk02Sp8O2r2Q

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:26 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B4883N4DXYZF8YDNQFSR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8RqXiAAMSdmk02Sp8O2r2Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame E30F 43 B
932 B 490ms
177ms Image
image/gif 52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:26 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G8GW6GXH3ERQ484GCAMA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82D1 42 B
63 B 34ms
34ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Db1tsOLCLk_cgJ_cghcMLBfw74GtLMAMPvCVnrLbyokQTT5KZ0uT6lZK50gfPJrRHPAz2N5sHNg9rc_lRxgHoiyHFGC69sGdN06bgrdQ1tg3nDBIM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 82D1 3 KB
1 KB 74ms
23ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Aug 2022 15:56:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82D1 138 KB
43 KB 104ms
43ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Jul 2022 16:01:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 82D1 17 KB
8 KB 70ms
21ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Aug 2022 15:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 82D1 0
0 91ms
37ms Image
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqNHIBOMFz6U4Q-ZBqt6N2HYTFJHLp1sDw4zKriSgzFVseRzJokQDIKe6IdIMBMuiC8nyuYbM_8TMQuE8P7bX09CKsgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B53 624 B
297 B 42ms
37ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWzIBDJj_EBGMSLmLgBMAE&v=APEucNWROLIrXbQyTEsFMn8IT6jARAgZfEyagLxqjylMp5aRL6t-MyAp_Tz-vlKXkOTHf5DG_DXuaaQY5yONgYQKh01-gXmwKQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 16:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 82D1 76 KB
32 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNl1uZK6isy9U_ObamQZFwWdFshBNafbtHzRBSqWRKuwUh7UAdaGhSRQ6hAfw0VxQ0nXFo-mG7iEuDl2tjJiAbs2KZVFB94OWgIpRB_BXJ0HFw1wtgkEaoe8uEuZ2uHS5oDg9eZMMXUY0vWXSk2_lZXBut4A&cry=1&dbm_d=AKAmf-Byd131hDFsW1-1svXCAa2q6g2eO_hM5oLWHbt1j12PhUl0ela9rIv6G79f9zj4urFtgdMbFQVWhFkzTgJA48hhN5oMNJ-OMVl6r5IWnyVdegSqPdPFR8eOifbb0vDZQX_IPBGm1yiecr1cK9F6-_GlR4O64sVSEGttRWQIeHI5vd9Rde75OlV04HAhX6bbM1jGglb6u2scRKByFlOw0c9UZSkhgeC_3CG-Kb-acrar7dqDeQB_gJrBgn0Y5R4gOwcZtMHBMlvg8LFstWZnu3AHZXWdl2IcMYq9ARwgB4y1HxzSQneXx2m3dgugbeDqxemm8KCH3M_wYQbct0Nrs6m00-WDOZemdxOKRw0ZBlnCs6gYxI5COO3tX7yInJLik4IBQ5KVN5uzCBrbXlXoYaZFcoUnl46nvJ8Mx6jwNdnbhyl_gVjt6VZ7skHAE6u39ahzodRcfHu3NKRK8glAcfFsidkAC3jxvAo85wEA9OIC4wVNLxtP8j1jkqcusswCpdpm89LHiox4c5Huaz3kSqLwj-y7Fkah3nmm9dADzwnZUCZgEIj8VV0qvqApbnn1vtZxrgYgT8pclzwcWcdTSHkcqkO7Yot77H_0GUReFCQsAPHuH08ccarsypxwJmEAkOLGKL05U7-nSvIXJkY2JqoPW1t5q2BxjRhVbQB4JpjSTe__wWw2W5IrW1-3k2aEuMue6JxwF8UR424JZrGMWPFCOxkIXR2f7yJh10K4MD_7ser329MZsuTn_kFPGfnBde8sscHYGpMYrRatTxbfvKP_bBS3nl57HUhcxjC1z6xb4OkZZ1XThJi7weKO9xO_hqeUpeGTuqEy-7CG1yoNBnQ8iscZ3nRdTi1BB2tT3dQna78WJpRYxaRgrBfmtFtO14a88LgY2rsGftJUSHdKpmT2_Qj_XxSxnV--Nh2kSpFZjeSfLE6hsZnyK_ihQRyopg1pZtuIzv8yCAHmbQyEcHmtNIeNlgps5r8PpCxfjhQfWNF6Ui350JVQgYtY1zC2UHmI2VrEu_iJCZSxpFzjAAeZY_zP2fkLxuVdIDqRy6xQ47M5e5r2GYa-_ClYQZ9P5EamUTwHdH_uF5cpOP0do-FZXU6nOY4Fh-in64cyplhcuMQgC_dt1qI5E9TxHVmpZ7sExkHGphFAD2lh_yUEimxHyCBFwuc-I4zxCMJBV58mMw2Qh7Ch4T6K-Q3LK7TEdM1aKjWddlVeGBAHMxbbfc47DX1iebNvwmNiD_cg_u399-YDMeAKxDBWEqwoXNnEwP-f2vNjDzIbAdW1Q-vr3IIdvvSQ7p4m1GJH3FqLqXS9lIKVnwg4yNqKq6_xviLDzcH0QRcH104G-uRDociOJ0aTiN_-0A_dtJ9lfPufgIOzci9DDPgYO753tps7nCFWhO304IVdinP2Go-8fVT9zUFJSxP823FInC4fL9wHfkvZfBi8cYcp3fWqmCiEVsVIy6AxRiHMak_cT9Z2IbS0P60LKfGGzKvpSJKTMwkosEoCYclfP4xKBpeK9z3XfQc1nhyGgMXdFnjK-pzUcPw5jPAqZrbHu5VqNxpxGF6BewQOWIC4b9kKWibBjwthN8PCXK2st3-Xe0lp5hwpgUdXDznwCXXAP2cPCTiKvSYkNdj54pHnRlhmQmwgmxa6VpVvyQWRycObusAi9GbZsrTJCBb_SSFm9Z4eq3F6klbERiyYwqEq9mzBy02i-7-OpxQw3LLbcK0jG8O3KlFc32EnfnWwNPKomffY8yRQDuWs2dZSrgnJJJiGuleRCKh3dxb5WB5A57P67UWSTXKU2NJ0EUTWlEzjS1cmFxYwQdPaXHNEVtnCbvMS8K0OzaDaNXn_lMt0s4QEzE9mYtJPth8-gG92G-gXA2BL2Y9CgtL2PaG_V1GnSwcMgV0flsNc9fnECTOkeNx2RFEnRvLh-iP-ulo8YNu20VdWE1ooUPpRmYEPUmrd9IaAgiXDYBVzPJkDPFqBtEEsLwOeEW74UFjUhvPATW_V2JYzi8z4UIlIGC3Komi9dnLCWOmpCHaMnP8ysfhpINcmCBnaErqQBSJMA9bLwujMbpCIX7M2PvxMZEbagw3Lh3R_187wi9QrgzbND6LyXVFIdcKiUA59rXfdY0BwTlCxsh9OMEMveoS_SnW9xl_XeD_i8K9TG-GoTPbwvci9nsrhrbNnx_RPvKROVdj5nk6lhynTlkAbASLQZHT93AeqBPQ_aswRGFa7M3aMK3m9Qt1psi8rsuZt6WbBeILgvNJLaSLiRtwmcI1XjZXdwQfnnHOGOOxCr8xoPppVGq4NHVg3qlscUCB8aLwRFjA4VNefG76dXzIvjs8k3ohHWSjI5gwLr21yGd1wktr9Iv6OnXoiODSo3X8AW2je_wT3cvwOexaNTN5L3YBQg9A6Qt-4lUX05OV0m5USB1dtlUn8_hm7DHJrLR99libDcw3yjl468TSrfcgCnew981Omx-Un9atbVmmT6VjHV-bDZEY2AR5qiwugpdWyE7Zza33_iok31sYaU84iJmuLQ4K20nTX6v4q8urBjfe1xXl2gNIWF5Ib2Bh0rUlr96Win8hqnWnlkFXw67AZWgm1UCqcNN0iqfdER-IhZ_scNJgGCPKu-Hkqk37bUCSgKmUBb5UmlqcjiUu2CGa9VFxNtOaDsWlAtNgWdslTkt01JB1DsfVubmxvox7EW0jam8DtCbDH5_-wycsCoxWbOl91pSQFBrVsx8FydDjf7ZZ5KNP_-Ku7EJnYsvH1YbbFyydOaWw4QP6ttZtaQDJz-Uu5N7S_YQDzcf9kfqp7iOIibyPE212HlGtjkJRCAzPI0_wwZnFZbgCJ0FrcxNkgxWp2mcyLzey4fpJ1xVSduFVRl9WJ--T1G_y8vYy1xEiLIRgZtyyx7V15b0NSvNRkU527QpouN5w3h9C8VgEJknz_JsiWTeDTxExpsVqf6TpYA05NF_zGJSZ6mF9fTeU8PVIeWac0YOtIKAaL8QhDQAuoDoaVaWFXwhJIbMFnQgiGyke2tnkgcJrwIEcCT8fDdeQlii8t_CpgcjwahqCwB00LEKS2j7QoWj5FUq2239v18_8wAYxvgFcEYtiXy9jqz9J_y2bwj9bIkwidM2mPC-kd2gKTI9f-oWDbQ83djyb9Zyheex4XiPD15u7LYvk32xk_tsCbhtGE3QPLr4aNbL0p2SHFop0afpUtKPNGB0qQFwizFpaKA9kuJSN6gHXY6fDmwjvUdJsYU11G5VSa-1Lk1Biuq7sAScgUYJcLkqTV7T5E4W4ElSXKkoy8tsfg3-s7Q6SHGmcZl1ppReEl36anWwgC2hz7SDZHxwImwCSlzRRRaMz-JJZ6WoIHHhCiwpI2NQPfCCCVkfhJI8OSy6_4j5ryTDz7qJgT&cid=CAASEuRol3SnZ511dbmwzo-ERl-PLg&rfl=2%2Chttps%253A%252F%252Fwww.threatminer.org%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-4299156005397946%2526output%253Dhtml%2526h%253D90%2526slotname%253DADX_T1_P_728x90_ENG%2526adk%253D2655341515%2526adf%253D3279755404%2526pi%253Dt.ma~as.ADX_T1_P_728x90_ENG%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%2526ea%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%2526dt%253D1658160086334%2526bpp%253D5%2526bdt%253D196%2526idt%253D174%2526shv%253Dr20220707%2526mjsv%253Dm202207110101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3879094186330%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D239374104.1658160087%2526ga_sid%253D1658160087%2526ga_hid%253D1438499836%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D436%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D44759875%25252C44759926%25252C44759842%25252C31068106%25252C31067983%25252C31068392%25252C42531606%2526oid%253D2%2526pvsid%253D641499851763068%2526tmod%253D749725966%2526uas%253D0%2526nvt%253D1%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%2526eae%253D2%2526fc%253D640%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.lm1qpxkclwbv%2526fsb%253D1%2526dtd%253D191%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31800a391f8100888d086e116f8e379cff34d135fa650fbf571070f6f11bb2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1

43 B
906 B

55ms
55ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWzIBDJj_EBGMSLmLgBMAE&v=APEucNWROLIrXbQyTEsFMn8IT6jARAgZfEyagLxqjylMp5aRL6t-MyAp_Tz-vlKXkOTHf5DG_DXuaaQY5yONgYQKh01-gXmwKQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6f9fcedca214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYIyvlYtGP2eZsXHMEbipMTVIIwWrWunnGwyG03VRMAFaAs497718ioz6U1O5O9R5pC4p7rT%2FOLyYx65X4VKtmZB2iNDY7uD33BHeraHGJaRL%2BfwLNm9TqQAjnYfd7UpKgz%2FiuKdhBEiNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B53
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtWD1EyL75q2p0BX64B61QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1

43 B
909 B

71ms
71ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWzIBDJj_EBGMSLmLgBMAE&v=APEucNWROLIrXbQyTEsFMn8IT6jARAgZfEyagLxqjylMp5aRL6t-MyAp_Tz-vlKXkOTHf5DG_DXuaaQY5yONgYQKh01-gXmwKQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72cc6fa06fc0a214-YYZ
pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0U3PttYbBrPGeBnIUQTbzp69d74tkb6WXAVesZbXe7Sl%2F7BllNGXj7iMCsIaupLpqVaYCYpioDeFDnmIRxchaq4V1I%2BF%2FOQcYkpIOxUpo00LQOs%2BVijA44AlMTCTa%2BPNWhSjyf%2BFLIxiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM74kUYc9M9_QKegxQvaBQQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8B53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEARdHLBdMt8hRDPlWWYBxsY&google_cver=1

43 B
1018 B

27ms
27ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEARdHLBdMt8hRDPlWWYBxsY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWzIBDJj_EBGMSLmLgBMAE&v=APEucNWROLIrXbQyTEsFMn8IT6jARAgZfEyagLxqjylMp5aRL6t-MyAp_Tz-vlKXkOTHf5DG_DXuaaQY5yONgYQKh01-gXmwKQ

Protocol

HTTP/1.1

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:27 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68e79e7e-e560-4759-9232-3ee22b0ca488
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEARdHLBdMt8hRDPlWWYBxsY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B53
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzY1MzQ1MDI4MDQ0MDE0OQ%3D%3D

170 B
188 B

71ms
71ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzY1MzQ1MDI4MDQ0MDE0OQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:26 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9b89e53c-b922-4c14-99d6-6deee44b3b00
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzY1MzQ1MDI4MDQ0MDE0OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 82D1 106 KB
38 KB 101ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 02:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Jul 2022 02:26:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 82D1 8 KB
3 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNl1uZK6isy9U_ObamQZFwWdFshBNafbtHzRBSqWRKuwUh7UAdaGhSRQ6hAfw0VxQ0nXFo-mG7iEuDl2tjJiAbs2KZVFB94OWgIpRB_BXJ0HFw1wtgkEaoe8uEuZ2uHS5oDg9eZMMXUY0vWXSk2_lZXBut4A&cry=1&dbm_d=AKAmf-Byd131hDFsW1-1svXCAa2q6g2eO_hM5oLWHbt1j12PhUl0ela9rIv6G79f9zj4urFtgdMbFQVWhFkzTgJA48hhN5oMNJ-OMVl6r5IWnyVdegSqPdPFR8eOifbb0vDZQX_IPBGm1yiecr1cK9F6-_GlR4O64sVSEGttRWQIeHI5vd9Rde75OlV04HAhX6bbM1jGglb6u2scRKByFlOw0c9UZSkhgeC_3CG-Kb-acrar7dqDeQB_gJrBgn0Y5R4gOwcZtMHBMlvg8LFstWZnu3AHZXWdl2IcMYq9ARwgB4y1HxzSQneXx2m3dgugbeDqxemm8KCH3M_wYQbct0Nrs6m00-WDOZemdxOKRw0ZBlnCs6gYxI5COO3tX7yInJLik4IBQ5KVN5uzCBrbXlXoYaZFcoUnl46nvJ8Mx6jwNdnbhyl_gVjt6VZ7skHAE6u39ahzodRcfHu3NKRK8glAcfFsidkAC3jxvAo85wEA9OIC4wVNLxtP8j1jkqcusswCpdpm89LHiox4c5Huaz3kSqLwj-y7Fkah3nmm9dADzwnZUCZgEIj8VV0qvqApbnn1vtZxrgYgT8pclzwcWcdTSHkcqkO7Yot77H_0GUReFCQsAPHuH08ccarsypxwJmEAkOLGKL05U7-nSvIXJkY2JqoPW1t5q2BxjRhVbQB4JpjSTe__wWw2W5IrW1-3k2aEuMue6JxwF8UR424JZrGMWPFCOxkIXR2f7yJh10K4MD_7ser329MZsuTn_kFPGfnBde8sscHYGpMYrRatTxbfvKP_bBS3nl57HUhcxjC1z6xb4OkZZ1XThJi7weKO9xO_hqeUpeGTuqEy-7CG1yoNBnQ8iscZ3nRdTi1BB2tT3dQna78WJpRYxaRgrBfmtFtO14a88LgY2rsGftJUSHdKpmT2_Qj_XxSxnV--Nh2kSpFZjeSfLE6hsZnyK_ihQRyopg1pZtuIzv8yCAHmbQyEcHmtNIeNlgps5r8PpCxfjhQfWNF6Ui350JVQgYtY1zC2UHmI2VrEu_iJCZSxpFzjAAeZY_zP2fkLxuVdIDqRy6xQ47M5e5r2GYa-_ClYQZ9P5EamUTwHdH_uF5cpOP0do-FZXU6nOY4Fh-in64cyplhcuMQgC_dt1qI5E9TxHVmpZ7sExkHGphFAD2lh_yUEimxHyCBFwuc-I4zxCMJBV58mMw2Qh7Ch4T6K-Q3LK7TEdM1aKjWddlVeGBAHMxbbfc47DX1iebNvwmNiD_cg_u399-YDMeAKxDBWEqwoXNnEwP-f2vNjDzIbAdW1Q-vr3IIdvvSQ7p4m1GJH3FqLqXS9lIKVnwg4yNqKq6_xviLDzcH0QRcH104G-uRDociOJ0aTiN_-0A_dtJ9lfPufgIOzci9DDPgYO753tps7nCFWhO304IVdinP2Go-8fVT9zUFJSxP823FInC4fL9wHfkvZfBi8cYcp3fWqmCiEVsVIy6AxRiHMak_cT9Z2IbS0P60LKfGGzKvpSJKTMwkosEoCYclfP4xKBpeK9z3XfQc1nhyGgMXdFnjK-pzUcPw5jPAqZrbHu5VqNxpxGF6BewQOWIC4b9kKWibBjwthN8PCXK2st3-Xe0lp5hwpgUdXDznwCXXAP2cPCTiKvSYkNdj54pHnRlhmQmwgmxa6VpVvyQWRycObusAi9GbZsrTJCBb_SSFm9Z4eq3F6klbERiyYwqEq9mzBy02i-7-OpxQw3LLbcK0jG8O3KlFc32EnfnWwNPKomffY8yRQDuWs2dZSrgnJJJiGuleRCKh3dxb5WB5A57P67UWSTXKU2NJ0EUTWlEzjS1cmFxYwQdPaXHNEVtnCbvMS8K0OzaDaNXn_lMt0s4QEzE9mYtJPth8-gG92G-gXA2BL2Y9CgtL2PaG_V1GnSwcMgV0flsNc9fnECTOkeNx2RFEnRvLh-iP-ulo8YNu20VdWE1ooUPpRmYEPUmrd9IaAgiXDYBVzPJkDPFqBtEEsLwOeEW74UFjUhvPATW_V2JYzi8z4UIlIGC3Komi9dnLCWOmpCHaMnP8ysfhpINcmCBnaErqQBSJMA9bLwujMbpCIX7M2PvxMZEbagw3Lh3R_187wi9QrgzbND6LyXVFIdcKiUA59rXfdY0BwTlCxsh9OMEMveoS_SnW9xl_XeD_i8K9TG-GoTPbwvci9nsrhrbNnx_RPvKROVdj5nk6lhynTlkAbASLQZHT93AeqBPQ_aswRGFa7M3aMK3m9Qt1psi8rsuZt6WbBeILgvNJLaSLiRtwmcI1XjZXdwQfnnHOGOOxCr8xoPppVGq4NHVg3qlscUCB8aLwRFjA4VNefG76dXzIvjs8k3ohHWSjI5gwLr21yGd1wktr9Iv6OnXoiODSo3X8AW2je_wT3cvwOexaNTN5L3YBQg9A6Qt-4lUX05OV0m5USB1dtlUn8_hm7DHJrLR99libDcw3yjl468TSrfcgCnew981Omx-Un9atbVmmT6VjHV-bDZEY2AR5qiwugpdWyE7Zza33_iok31sYaU84iJmuLQ4K20nTX6v4q8urBjfe1xXl2gNIWF5Ib2Bh0rUlr96Win8hqnWnlkFXw67AZWgm1UCqcNN0iqfdER-IhZ_scNJgGCPKu-Hkqk37bUCSgKmUBb5UmlqcjiUu2CGa9VFxNtOaDsWlAtNgWdslTkt01JB1DsfVubmxvox7EW0jam8DtCbDH5_-wycsCoxWbOl91pSQFBrVsx8FydDjf7ZZ5KNP_-Ku7EJnYsvH1YbbFyydOaWw4QP6ttZtaQDJz-Uu5N7S_YQDzcf9kfqp7iOIibyPE212HlGtjkJRCAzPI0_wwZnFZbgCJ0FrcxNkgxWp2mcyLzey4fpJ1xVSduFVRl9WJ--T1G_y8vYy1xEiLIRgZtyyx7V15b0NSvNRkU527QpouN5w3h9C8VgEJknz_JsiWTeDTxExpsVqf6TpYA05NF_zGJSZ6mF9fTeU8PVIeWac0YOtIKAaL8QhDQAuoDoaVaWFXwhJIbMFnQgiGyke2tnkgcJrwIEcCT8fDdeQlii8t_CpgcjwahqCwB00LEKS2j7QoWj5FUq2239v18_8wAYxvgFcEYtiXy9jqz9J_y2bwj9bIkwidM2mPC-kd2gKTI9f-oWDbQ83djyb9Zyheex4XiPD15u7LYvk32xk_tsCbhtGE3QPLr4aNbL0p2SHFop0afpUtKPNGB0qQFwizFpaKA9kuJSN6gHXY6fDmwjvUdJsYU11G5VSa-1Lk1Biuq7sAScgUYJcLkqTV7T5E4W4ElSXKkoy8tsfg3-s7Q6SHGmcZl1ppReEl36anWwgC2hz7SDZHxwImwCSlzRRRaMz-JJZ6WoIHHhCiwpI2NQPfCCCVkfhJI8OSy6_4j5ryTDz7qJgT&cid=CAASEuRol3SnZ511dbmwzo-ERl-PLg&rfl=2%2Chttps%253A%252F%252Fwww.threatminer.org%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-4299156005397946%2526output%253Dhtml%2526h%253D90%2526slotname%253DADX_T1_P_728x90_ENG%2526adk%253D2655341515%2526adf%253D3279755404%2526pi%253Dt.ma~as.ADX_T1_P_728x90_ENG%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%2526ea%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%2526dt%253D1658160086334%2526bpp%253D5%2526bdt%253D196%2526idt%253D174%2526shv%253Dr20220707%2526mjsv%253Dm202207110101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3879094186330%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D239374104.1658160087%2526ga_sid%253D1658160087%2526ga_hid%253D1438499836%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D436%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D44759875%25252C44759926%25252C44759842%25252C31068106%25252C31067983%25252C31068392%25252C42531606%2526oid%253D2%2526pvsid%253D641499851763068%2526tmod%253D749725966%2526uas%253D0%2526nvt%253D1%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252F%2526eae%253D2%2526fc%253D640%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.lm1qpxkclwbv%2526fsb%253D1%2526dtd%253D191%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Aug 2022 15:57:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 82D1 27 KB
10 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Aug 2022 15:57:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 82D1 41 KB
15 KB 68ms
21ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 11:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 11:25:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DC2 1 KB
749 B 30ms
19ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 85182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 16:21:45 GMT
etag: 48472445140208031
expires: Mon, 18 Jul 2022 16:21:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 82D1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce0da28926071b06a8550b80892a47e775506aaba82485a78a21ceb81e48b764

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_cver=1&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6a044983b801228&is_secure=true&networkId=14000&version=1&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_cver=1&google_push=AehlK4ArEs_Kv...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcvgzj0WTUANVk1M6AAAAAAA&expiration=1658246487&google_cver=1&is_secure=true&google_gid=CAESEE1hs2rWA-vMZceIur8zk...

170 B
188 B

44ms
37ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcvgzj0WTUANVk1M6AAAAAAA&expiration=1658246487&google_cver=1&is_secure=true&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5gInIVzxJN_Q19-MAJtr5BqzwZL3M0vXPggHd5yWUOT6Gz

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGcvgzj0WTUANVk1M6AAAAAAA&expiration=1658246487&google_cver=1&is_secure=true&google_gid=CAESEE1hs2rWA-vMZceIur8zkI0&google_push=AehlK4ArEs_KvhiNzRbpjnhAEVyayHOtdC8XatJtkRIQ4xDxxDVaso5gInIVzxJN_Q19-MAJtr5BqzwZL3M0vXPggHd5yWUOT6Gz
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0DC2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpk...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aD...

43 B
415 B

84ms
82ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4299156005397946&output=html&h=90&slotname=ADX_T1_P_728x90_ENG&adk=2655341515&adf=3279755404&pi=t.ma~as.ADX_T1_P_728x90_ENG&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.threatminer.org%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658160086334&bpp=5&bdt=196&idt=174&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&correlator=3879094186330&frm=23&ife=1&pv=2&ga_vid=239374104.1658160087&ga_sid=1658160087&ga_hid=1438499836&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068106%2C31067983%2C31068392%2C42531606&oid=2&pvsid=641499851763068&tmod=749725966&uas=0&nvt=1&loc=EMPTY&top=https%3A%2F%2Fwww.threatminer.org%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lm1qpxkclwbv&fsb=1&dtd=191
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72cc6fa148d47157-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 221
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72cc6fa0bfec7157-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFvgL2_vCafXiWszkBm_MRc&google_cver=1&google_push=AehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D5y6YLCgm2WHwaN3L5vXAMk4iobmkQC85uT4vkZqN1jybdn-0dMqBeq-KvcByrUgEquKnb5P4ihG2TjyIS-VdwN1GQ-aDpkQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECf7yrCSU3vRH8sD7Pkaj6g&google_cver=1&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYnJVCrsERFG63S1Vg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D300CEEF4E4F4B6B9061CC65F3EC7F60&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYn...

170 B
188 B

38ms
38ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D300CEEF4E4F4B6B9061CC65F3EC7F60&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYnJVCrsERFG63S1Vg

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Jul 2022 16:01:27 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D300CEEF4E4F4B6B9061CC65F3EC7F60&google_push=AehlK4DMYfgmCBKB48aR57On_TTXDsS944NWSQrv5E0lGFCohAZAPpZVmMdRYpdZc3JuIpJeYZSZcgNVNx3MDYnJVCrsERFG63S1Vg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Jul 2022 16:01:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELOskn4IzETMnSCmUKghcWo&google_cver=1&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R...
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELOskn4IzETMnSCmUKghcWo&google_cver=1&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg&google_hm=MDQwMzAwMD...

170 B
188 B

45ms
38ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg&google_hm=MDQwMzAwMDJfNjJkNTgzZDcyOWY1ZQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Jul 2022 16:01:27 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4BWfq6VidIirKtvGWFAvrhHEe4EfC42tDe49F1nV9n4R5yc_I9gTweG0HudCcbLB6Fy1Xlm-aN1uUQeFplqmQivQ6Qowa-gkg&google_hm=MDQwMzAwMDJfNjJkNTgzZDcyOWY1ZQ%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEBNqj_81MI8f2T1exL28iko&google_cver=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV8of0-6OHQUEHeTo_v8J2cZXF7hDAX8qPG70086BFxMB3v_lCVlIRh0w1mrihbkmqnVfi5
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&mn_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV...

170 B
188 B

38ms
37ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&mn_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV8of0-6OHQUEHeTo_v8J2cZXF7hDAX8qPG70086BFxMB3v_lCVlIRh0w1mrihbkmqnVfi5&gdpr=&gdpr_consent=

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:27 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&mn_hm=MzAxMTYxNjg3MTQ1NTIxMjAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4DEjBMUacc0KQUqNV5l6R3LktV8of0-6OHQUEHeTo_v8J2cZXF7hDAX8qPG70086BFxMB3v_lCVlIRh0w1mrihbkmqnVfi5&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Mon, 18 Jul 2022 16:01:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESED5kamVFxgl0uSBExzJXXkk&google_cver=1&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVeze...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESED5kamVFxgl0uSBExzJXXkk%26google_cver%3D1%26google_push%3DAehlK4CSbXmXQ3l7U0IgnY...
https://rtb2-useast.e-volution.ai/sync?adkuid=A105239681445290219&exchange=193&google_gid=CAESED5kamVFxgl0uSBExzJXXkk&google_cver=1&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXR...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEwNTIzOTY4MTQ0NTI5MDIxOQ&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVeze...

170 B
188 B

39ms
39ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEwNTIzOTY4MTQ0NTI5MDIxOQ&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEwNTIzOTY4MTQ0NTI5MDIxOQ&google_push=AehlK4CSbXmXQ3l7U0IgnYqREd4eYFYHBulo60HF3ZIwraVjvmiXRYjTwWb8Pk1mq1x_uDBsFkmhVezeVme8c6X4Z9JVNUdBVFvocC0
Date: Mon, 18 Jul 2022 16:01:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 0DC2 43 B
65 B 76ms
34ms Image
image/gif 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEQ9ymCRobzXDLINsy1HOHg&google_cver=1&google_push=AehlK4CiSBNdk7qxw7GfEWeZbnvVifJ_4TYA1z6V5Q_W7pPdkOu8kkSCpBkydM-6rBH0yldLH6X_gL_UfIIZlBZ51MjqNiuHYK2HZrI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Jul 2022 16:01:27 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DC2 0
12 B 43ms
35ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdPeHR5B5exMGe068jVICrt3dSj59Nn7YA4nd8Y6jjvT8LZjydoKZ1fFrQWF9-ymJkUcJgtBw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8E9E 22 KB
8 KB 20ms
19ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 362171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 11:25:16 GMT
expires: Fri, 14 Jul 2023 11:25:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/43633015336519909/ Frame 6DC3 76 KB
19 KB 28ms
20ms Document
text/html 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa14d855d9d9b94c672dcbadfe5a8de3d60e036ccda9be73bc1434f0c0c01ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 101015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19579
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 11:57:52 GMT
expires: Mon, 17 Jul 2023 11:57:52 GMT
last-modified: Wed, 20 Oct 2021 13:28:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82D1 0
622 B 124ms
48ms Ping
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1iCorHdEYLlofE-bYJPeOKiLe4vXZDPFThyzfcI0UlqlkBIhvpvbLXXAtTZ7iAX9Z3hni0-DuwNuL2oHYOMspnHqeQzWGg1meU9UuPHnJUWnmGpluolAm4sS-mOmEcMaLwpISQDmEy5MkGT18Ifx0_WXGAylM2yGbVnIjXue6Uq1rv268m7cm3in-3SxSH0S9WoSmkrYiU5QjbDO4ze0Ycg2ggc-YZQwBRYAoVfvpkKCWy02v9hP2d-SOm3yEN1K9Dmc6m4_KX8BtbXhTER7nmeeByscGMLZIoLGEwKD9p94CxwETihuiV3JEDiKLmx2ieepmO3j8yeoMGRXmvGn1xPtZpqTaBWIXn1H4UMddUZYggA_Ya32NTSU8mlE5kh1RfExTlZinUVjK1ii7IMOic1tnqSmZBU_IUlnxq5NLfGzDff789hhR8RWQ3J37SYDusVKrIHpqQaoVl8KDeGcfWm753d4FNTJMOwYcHC3wF99-ILisLlJOmSS05okRNs3VXPpOIC2_87dS8Hu7TCom1_BTDAWYvYy9ZVC1KthcxwJc3EXnucJ0-SnFVeNb1TnAYeQ3Qq_CBr-j0yT_i729GSFJn_g5XcU3WwrF07YKPf7nP_BszAWj-UuhSWs2X2yxz4ykfsDQSbiLn1o63Ht4kQjf8-vTlzWuRcwaDMNr0FpeyiEWQJQ_luzQPwrzMgeo_OeCUAgEeZVflrH9WzsmJQujDzUaN0_KI0PD_BBEwVB1rP8aDXoUo8jc06CYLPJ5iOsKEtsmrd_QvERZvZLa_gOZo0Hj7HQwPQ6s1_7e9Q6TK50kf2uP5dtpMEprL3PNR1ZQf0pQcY-a3VjA1IEWqkuRX0U5jSKRWYbetLPDCX7BtzzVlJVA_DbJ0Dyofuc6HOx2Q2vUAkSnedP6aeC9o-sS9gRDmQ-ogSDGcwBTIolrJt8wLZO4aleoZ3-PAmsZk0rmmquVUwEtVNLx1n0iJK508LIVO1lH4qfdPkpPf_Szw296_uCr_45jlecwV7l5_LyQPf3Vhg8qr1xTNg7B30ntscOYtSGzGVfpiPdEBgBm-PubYmq3NGQ_wopALkg3_8yu6QBSPu3o7uURsLyvGGxmbj_DxS32DDKHPJW16VWVakM3ZDuonZNO3BFfyt-WO9viuwTxT19xL7jwZ0sU2AOj_PiNQMSrDQSC_xqwIl_16TCaONtIoLFQeycPzp-fYFnHg95QOehRlqHRX-ZMtBwHX3JJMOPsnoFYCbbMQrDSbA&sai=AMfl-YThzmzEYh4oa_wadaaQ5ajeeJQXYjXe5Hp969QDSKGODmHmTo56lmcViar39eAMpDGgQ2AuHqmDvahc2_iw9m8NdOdHo6LqKh7ORlujUlR1uU8uQbAQEhHvc3Dy7wkr0PtSegkAdMgV0RqeeFB8MYfA5LqRhA&sig=Cg0ArKJSzF70r1QTdafiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=174&cisv=r20220707.70809&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 18 Jul 2022 16:01:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
275 B 46ms
46ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=fIJLHjHtAUNdmQzKaiWXzbpUOUwbEDOm-FE7fPshldVTqKDUZ03zLGk3D-E0zENM1gb1PmPw==&pm_ct=8d01b90464173dc285f639ae&pm_pl=1658160085232&pm_td=1941&pid=1000102&en=1.1&callback=__pm_glbl_ivMu77dXIc9UcRfdiden9Nyk._gc7&tt=if&v=9a0fa6b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=3241790_0&l2=3&l3=Windows&l4=Chrome&l5=www.threatminer.org&ref=https://www.threatminer.org/&pub_domain=www.threatminer.org&utid=f8732582-4732-4a90-b375-f7c7f796d07d&uid=cuid_877faace-9555-4473-99f5-a929aeb63e0e&uip=149.56.153.184&cb=1332927150459657278
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.threatminer.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.threatminer.org
Date: Mon, 18 Jul 2022 16:01:27 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame 6DC3 2 KB
1020 B 89ms
36ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:800

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc23d030aab03ca2b0517106a73589f2e7a005ba7ce25387ac61a8302792a27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 15:48:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Jul 2022 16:01:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Jul 2022 16:01:27 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6DC3 29 KB
10 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/43633015336519909/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 01:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Jul 2022 01:23:14 GMT

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E9E 36 KB
14 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 15:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 15:32:24 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ Frame 6DC3 17 KB
18 KB 72ms
21ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 21:14:52 GMT
x-content-type-options: nosniff
age: 585995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 21:14:52 GMT

GET
H3 200 MMA-Wordmark-Orange.png
s0.2mdn.net/sadbundle/43633015336519909/ Frame 6DC3 8 KB
8 KB 23ms
22ms Image
image/png 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/43633015336519909/MMA-Wordmark-Orange.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990b558d5caf59c6a1e9f696a9b69f9843efda120b1bedda8930b14f1b1fe742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/43633015336519909/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 17:11:05 GMT
x-content-type-options: nosniff
age: 82222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8591
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 13:28:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Jul 2023 17:11:05 GMT

GET
H3 200 Rotman_Wordmark_-_White_-_200pxW.png
s0.2mdn.net/sadbundle/43633015336519909/ Frame 6DC3 5 KB
5 KB 24ms
23ms Image
image/png 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/43633015336519909/Rotman_Wordmark_-_White_-_200pxW.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9eeebdd3525e91aa7fdb4b25046a7ea7c387bf4ba72b4e4a6d099231915570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/43633015336519909/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 14:08:01 GMT
x-content-type-options: nosniff
age: 179606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4655
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 13:28:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jul 2023 14:08:01 GMT

GET
H3 200 MMA-728X90.png
s0.2mdn.net/sadbundle/43633015336519909/ Frame 6DC3 68 KB
68 KB 26ms
25ms Image
image/png 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/43633015336519909/MMA-728X90.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/43633015336519909/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f240413e2515a7a7894c491fa48edd0a39f159c0b55804301094ed1b9ae21a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/43633015336519909/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 09:42:43 GMT
x-content-type-options: nosniff
age: 195524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69883
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 13:28:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jul 2023 09:42:43 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82D1 0
26 B 80ms
37ms Ping
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1iCorHdEYLlofE-bYJPeOKiLe4vXZDPFThyzfcI0UlqlkBIhvpvbLXXAtTZ7iAX9Z3hni0-DuwNuL2oHYOMspnHqeQzWGg1meU9UuPHnJUWnmGpluolAm4sS-mOmEcMaLwpISQDmEy5MkGT18Ifx0_WXGAylM2yGbVnIjXue6Uq1rv268m7cm3in-3SxSH0S9WoSmkrYiU5QjbDO4ze0Ycg2ggc-YZQwBRYAoVfvpkKCWy02v9hP2d-SOm3yEN1K9Dmc6m4_KX8BtbXhTER7nmeeByscGMLZIoLGEwKD9p94CxwETihuiV3JEDiKLmx2ieepmO3j8yeoMGRXmvGn1xPtZpqTaBWIXn1H4UMddUZYggA_Ya32NTSU8mlE5kh1RfExTlZinUVjK1ii7IMOic1tnqSmZBU_IUlnxq5NLfGzDff789hhR8RWQ3J37SYDusVKrIHpqQaoVl8KDeGcfWm753d4FNTJMOwYcHC3wF99-ILisLlJOmSS05okRNs3VXPpOIC2_87dS8Hu7TCom1_BTDAWYvYy9ZVC1KthcxwJc3EXnucJ0-SnFVeNb1TnAYeQ3Qq_CBr-j0yT_i729GSFJn_g5XcU3WwrF07YKPf7nP_BszAWj-UuhSWs2X2yxz4ykfsDQSbiLn1o63Ht4kQjf8-vTlzWuRcwaDMNr0FpeyiEWQJQ_luzQPwrzMgeo_OeCUAgEeZVflrH9WzsmJQujDzUaN0_KI0PD_BBEwVB1rP8aDXoUo8jc06CYLPJ5iOsKEtsmrd_QvERZvZLa_gOZo0Hj7HQwPQ6s1_7e9Q6TK50kf2uP5dtpMEprL3PNR1ZQf0pQcY-a3VjA1IEWqkuRX0U5jSKRWYbetLPDCX7BtzzVlJVA_DbJ0Dyofuc6HOx2Q2vUAkSnedP6aeC9o-sS9gRDmQ-ogSDGcwBTIolrJt8wLZO4aleoZ3-PAmsZk0rmmquVUwEtVNLx1n0iJK508LIVO1lH4qfdPkpPf_Szw296_uCr_45jlecwV7l5_LyQPf3Vhg8qr1xTNg7B30ntscOYtSGzGVfpiPdEBgBm-PubYmq3NGQ_wopALkg3_8yu6QBSPu3o7uURsLyvGGxmbj_DxS32DDKHPJW16VWVakM3ZDuonZNO3BFfyt-WO9viuwTxT19xL7jwZ0sU2AOj_PiNQMSrDQSC_xqwIl_16TCaONtIoLFQeycPzp-fYFnHg95QOehRlqHRX-ZMtBwHX3JJMOPsnoFYCbbMQrDSbA&sai=AMfl-YThzmzEYh4oa_wadaaQ5ajeeJQXYjXe5Hp969QDSKGODmHmTo56lmcViar39eAMpDGgQ2AuHqmDvahc2_iw9m8NdOdHo6LqKh7ORlujUlR1uU8uQbAQEhHvc3Dy7wkr0PtSegkAdMgV0RqeeFB8MYfA5LqRhA&sig=Cg0ArKJSzF70r1QTdafiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=505&vt=11&dtpt=323&dett=3&cstd=174&cisv=r20220707.70809&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Jul 2022 16:01:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C480 14 KB
11 KB 87ms
43ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be8560d8fe8c0b87b5a24c03793d4f2f6647087ae2d8cff5c065b13a41f2b590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Jul 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11017
x-xss-protection: 0

GET
H2 200 container-1.0.html Show response
resources.infolinks.com/static/ Frame 68B5 430 B
490 B 31ms
30ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-1.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1808.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6079
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 72cc6fa2e94fa1ec-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Jul 2022 16:01:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 17 Aug 2022 14:20:08 GMT
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E9E 0
20 B 36ms
36ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG8fP1oPVYquyOImONYbDhdgGAAAAADgB4AQC&bg=!iYqlis7NAAaYcLjmuHA7ACkAdvg8Wjebi1u8Um0zHzqoKeqAgQ0MScoM7RYVK8vCL4zSv0AdkPe_LAIAAADMUgAAAANoAQeZAuyuxq9tfxkhHdlBPy3Empx0R15yk5DB9s-rw3W3SiTRmrFO_xBEyqNo_14oY5ZFFKeuFG0SnTXsyU7Hdct5AxjfUm3MxecSei1H49ViPWk78cRXhNARkhsbI0lBb0xUFmjXPkDnZtGrayAHxcrpYo0xxhyZblXJKyLhkXUbAcJeoluC7AGFhgVSaCfSIxN0ymIZQa5dPPZjljmuG7NiZL1-87PIIxhFj-LFuJzDkuKG037Pj-ZDs4L6tuUBzwpp5_-tu9vf9-WG9JR0X_EWWBxFsoJBtKlnp-JtKR83SXM9VtTR22nBF6oqq2_OH799qL_WfOc-avl2AmVvaF_7TavHoHpJzhCjLY5n-vA-erpGLBreinTunn4kqqzN1hoLaumLHioCQoLmKXceXhzh3TUh5X2v_TR7TMlMJaWth4tpTS8N8s8nfyW5y5rcWaFplc5DZqpIYBlFd8bH5I-g_4W6-GWjX8QSle-sJeTPIqU8DcvgUv_fLKhEwa3O67mj7vafad3v-JksOmcBCLyIhPFfXsNrCz7p7wpCnqsclYhEtT8ckdvG8ePT318-LSNq67OWll-XmWd0zhGeXmJYgYfQx0XlZs300jkrzc122iNDA1Lkod_G1ZbjYRNR6BeTlj2IrjuBj1pTEzLuEBGLowi95tB5FnZzG_YIGkq0o1mIL03voS1skFzfjZaAHZFsXbeKuA6j4hj_sSwSmPnswNCt07WdBnu2lI7OmkJOH9Rzn9UGbaZvVTzDz6u2DgoxjMpnX2LYBVTMbl2XdRWyhHgt1ag0CWWQSYJ7J7ZcuW082sLLd4BYR2eInl_2w2sT-gU5_JuOPX0CR2Utqztj_qltC7LDJZ1QM__h06lQtegpiLS-a3TRojYGGW3N99pDD1Vyl5_gLzuKeb587oz9LL-Tt3tkhvG3obSRBNwH_n39E4vJ67f6oVSGXGQo3UiZvBTXMaSn9SVe5FK246bPA_saVEjFsvlO7fXZ0XW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 68B5
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=877faace-9555-4473-99f5-a929aeb63e0e=&partner_id=3337
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De985233e-0b71-41eb-b1df-cd55d35de6c6%252C
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2103653450280440149&pt=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

95 B
113 B

39ms
39ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2103653450280440149&pt=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:27 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 16:01:27 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7633544a-578a-4362-8be9-3224f66ec513
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2103653450280440149&pt=e985233e-0b71-41eb-b1df-cd55d35de6c6%2C
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C480 17 KB
6 KB 72ms
71ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Jul 2022 16:01:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 237C 13 KB
5 KB 21ms
20ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 65124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 21:56:03 GMT
expires: Mon, 17 Jul 2023 21:56:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA67 783 B
534 B 129ms
83ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

850511cd8936e943f56a7f93e8772b9975bd569825b3523c6119163567fd6161

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MUzgcf5qnMn1IjWglEtTkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MUzgcf5qnMn1IjWglEtTkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 16:01:27 GMT
expires: Mon, 18 Jul 2022 16:01:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame 237C 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 15:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 15:32:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA67 0
0 50ms
49ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=641499851763068&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 237C 0
9 B 83ms
83ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Hk3AOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82D1 42 B
64 B 42ms
42ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoHwoWqvoHA5PEOG_RCTh_K962E9oyuAK5ksnGgEgbHC0mzfSrv67fpCW6nywRtgKr93lsWZ0wvaq1qwMREAmrQ7FmPnrND5rEmIqHoGzk2pay-hWgaY1l6stmEy6lMrLoRJr4JSzJxQ&sai=AMfl-YRm4NrOfiyR_hbkIHky7SeXzywu--HjhX5jlBRwVjVFD7P7wCtdCwtj52V5FawH7dYcc1v4WTELAei_cK1aAFljZsRyuq18Hu8&sig=Cg0ArKJSzMruf8F4absoEAE&cid=CAASEuRol3SnZ511dbmwzo-ERl-PLg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2655341515&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658160086527&rpt=659&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 16:01:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C480 0
0 51ms
51ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=641499851763068&bg=!6-il6KzNAAaYcLjmuHA7ACkAdvg8WpzNGBAJpUCCoPbRcW8fpz3Xi0DUX6IPmBfGq7WuL30yf0fr7QIAAACeUgAAAANoAQcKANLTCdeOAz8i8qg3kpOOwpNhFLwBfOoMy2HkcqKoRP1JGH-e4POu5BZXajePyrTDxmFTi_ZILxwdWwzA7tSZF9GFAM8lVF3M-IanoH6k1NcLWWLOJWxfVWEjdYiqp-8fcs-li5wyuM7Fy5kE8gv6tUMq2SjncFnha_h4xLfisUKL-FtL6mOLMgQVDV322bZ0pIxgBdudqNPmZ5JzcpmJamDcH4JPYBK4XnF3u6Oby8qbNyF6svOHC9RG_BoiaUdO0yElpMJE5XcJiDMG0aB1XZaIt7uZAsI-7Cx1RgUMa7bSbkO3BJnN6Zwf5H00k8dv4ulCtORH64NZK_oOb9M6wZZG-fMhsSn4AKYHuScWsFIv9T33b5gwgxDwtJSRRM6vhXuOL7O1dV6l0FcuogCUVeGS6UMUSh6PYHqKEpSy52u8l0LEvNXvlJt7zijZ2v0NHBVSW2tTnhOmndEj2E1OTxcvdb5LdU4YlXnp_FXPD8I7lnQ8exEv6OfW1t1J4EIg8rFBNAdRa25Vp043DNoWFc5_vylVfRFTfFggh-mdYUJHp_jLCPe2bYDZWxRh8LDbogAmr4RdDpzVV52DnY9GP-tNf9-Q8dP7w4Afiu4pYuEHjFOm205qCGW4Kxp27QvMN8gJHbQ7UJGDFwRenAMif5D1t9yse7TCvmaUS4pfVkAzfxdL43BxuLxIOCJk5Zps6mSXNimGAU9orQkU_XlBVzQYNUOZ8gcKPQHih1BzcC0hPk2RTX78rXrh2bs1Z48FjT_If0usEM73qOcEXYxYvg7bVa2ystfj1FfK0nTOFu_Z95bt2VdOd5WeHopXnJaboDKtaa2KtDlhlVOqit84ZnNw4GX2VgXFJdGECuiX_P9m0g9JyqzT_S9syRyE3L0J4ZZMCSZyRXE5jk9WWAlce14ocDYnXweNoK7tr8xabVYWYX1KBCM1DTpSZ1uyzWUpGFuTFxFiUO4elmPHOYmQmqMzE25AvbWpYzK2S4LRWBMdW7RzoxKevqwn4PJmY-AFDkOeLfmmBvcTC60RV0gnyctMw5DADTH7cXVoIUg-NJnRSk4rDLWRbcXs4EHAxdgfF5zgGaoZaJXcjzJZXivr0wswoUmHizlyvILfGDYWn3q5mEfaN2CzWaFzesg9RNMlABuiD2y3CHdXnb-Ub0bIonRJjvVIZAF0HQ8gb2T4VL-Ka3kTtgD7v4apyyEDUSlNmFNLQhTB8s5p
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.threatminer.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ioar9jjfanqcobrfibb5h8fq07
.threatminer.org/	1970-01-20 22:07:12	Name: _ga Value: GA1.2.1821415982.1658160084
.threatminer.org/	1970-01-20 04:37:26	Name: _gid Value: GA1.2.1360987563.1658160084
.threatminer.org/	1970-01-20 04:36:00	Name: _gat Value: 1
www.threatminer.org/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 575b7ee0-9286-4124-a384-0cf8a3488157
.infolinks.com/	1970-01-20 22:07:12	Name: cuid Value: 877faace-9555-4473-99f5-a929aeb63e0e
.openx.net/	1970-01-20 13:21:36	Name: i Value: fdb033b1-2b9b-4ea9-a157-2051301ccd63\|1658160084
.3lift.com/	1970-01-20 06:45:36	Name: tluid Value: 3945146070236113866468
.adnxs.com/	1970-01-20 06:45:36	Name: uuid2 Value: 2103653450280440149
.360yield.com/	1970-01-20 06:45:36	Name: tuuid Value: 56d8d311-92e5-4c9c-b3e2-2aa503087ebe
.360yield.com/	1970-01-20 06:45:36	Name: tuuid_lu Value: 1658160084
.yahoo.com/	1970-01-20 13:21:57	Name: A3 Value: d=AQABBNSD1WICEBpTPDim9UkIlUUn2Q3LB24FEgEBAQHV1mLfYgAAAAAA_eMAAA&S=AQAAAjqLsut4Roy8N4N-vFHZSjI
.pubmatic.com/	1970-01-20 04:37:26	Name: KTPCACOOKIE Value: YES
.zemanta.com/	1970-01-20 13:21:36	Name: zuid Value: LoNgUlNCh_6w1Ya2HBrW
.go.sonobi.com/	1970-01-20 05:19:12	Name: __uis Value: 7385d38b-53e7-4b2e-8bb0-ba7a4f69c353
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85126\|YtWDy
.casalemedia.com/	1970-01-20 13:21:36	Name: CMID Value: YtWD1EyL75q2p0BX64B61QAA
.casalemedia.com/	1970-01-20 06:45:36	Name: CMPS Value: 129
.pubmatic.com/	1970-01-20 06:45:36	Name: SyncRTB3 Value: 1659312000%3A220
.pubmatic.com/	1970-01-20 06:45:36	Name: KADUSERCOOKIE Value: 857B58C0-1D30-480A-8DF6-C52A0204B419
.infolinks.com/	1970-01-20 06:45:36	Name: TPLSERCOOKIE Value: 3945146070236113866468
.infolinks.com/	1970-01-20 06:45:36	Name: IMDUSERCOOKIE Value: 56d8d311-92e5-4c9c-b3e2-2aa503087ebe
.infolinks.com/	1970-01-20 06:45:36	Name: ANUSERCOOKIE Value: 2103653450280440149
.infolinks.com/	1970-01-20 06:45:36	Name: OXUSERCOOKIE Value: 058b2e79-91c8-46d2-ba4e-df4bac9c5b0b
.infolinks.com/	1970-01-20 06:45:36	Name: VRUSERCOOKIE Value: y-tzQ44tlE2uEB_tn6FuFGhtxMf.3CKf3vdk7vzq0-~A
.infolinks.com/	1970-01-20 06:45:36	Name: SONOBIUSERCOOKIE Value: 7385d38b-53e7-4b2e-8bb0-ba7a4f69c353
.adsrvr.org/	1970-01-20 13:21:36	Name: TDID Value: 3ca3d77c-4238-4451-8e6f-3fbe3883ea89
.intentiq.com/	1970-01-20 22:07:12	Name: IQver Value: 1.9
.intentiq.com/	1970-01-20 22:07:12	Name: intentIQCDate Value: 1658160085027
.lijit.com/	1970-01-20 13:21:36	Name: ljt_reader Value: E_zhaLZHj_4-UmqGTAy5lbzf
.casalemedia.com/	1970-01-20 06:45:36	Name: CMPRO Value: 550
.casalemedia.com/	1970-01-20 13:21:36	Name: CMRUM3 Value: 7b62d583d505a0&e662d583d52760&f162d583d505a0&6962d583d505a0&1a62d583d505a0&5a62d583d505a0&2762d583d50b40&2d62d583d505a0
.casalemedia.com/	1970-01-20 04:37:26	Name: CMST Value: YtWD1WLVg9UA
.tynt.com/	1970-01-20 13:21:36	Name: uid Value: C4mIxWLVg9XyTAwwAfwZdg==
.1rx.io/	1970-01-20 13:21:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005%22%2C%22nxtrdr%22%3Afalse%7D
js.ad-score.com/	1970-01-22 00:24:46	Name: token Value: aOCBaIUYIVkCg-4tdg-jHUoeKIBKPwPa
.33across.com/	1970-01-20 13:21:36	Name: 33x_ps Value: u%3D211878319039908%3As1%3D1658160085074%3Ats%3D1658160085074
.tynt.com/	1970-01-20 06:45:36	Name: pids Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1658160085093%7D%5D
.intentiq.com/	1970-01-20 22:07:12	Name: intentIQ Value: PJseZgpxwl
.rfihub.com/	1970-01-20 13:57:36	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmphaGZgYGFqaGgMAGE7wOQQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjSzNDc1NLMwNDSyMDO2sDA1EeIz1C00MPEv9_HJqkx0DQIAIJk8ByQAAAA
.rfihub.com/	1970-01-20 13:57:36	Name: rud Value: H4sIAAAAAAAAAOMSsjSzNDc1NLMwNDSyMDO2sDA1EeIz1C00MPEv9_HJqkx0DQIAIJk8ByQAAAA
.infolinks.com/	1970-01-20 06:45:36	Name: IXUSERCOOKIE Value: YtWD1EyL75q2p0BX64B61QAA&550
.infolinks.com/	1970-01-20 06:45:36	Name: 33AUSERCOOKIE Value: 211878319039908
.analytics.yahoo.com/	1970-01-20 13:21:36	Name: IDSYNC Value: "192u~2634:18xp~2634:190u~2634"
.intentiq.com/	1970-01-20 22:07:12	Name: CSDT Value: UEQ6MTUwMTlfMCZUQnhHaldh
.intentiq.com/	1970-01-20 22:07:12	Name: ASDT Value: 0
.intentiq.com/	1970-01-20 22:07:12	Name: IQPData Value: 2503514552#1658160085155#0#1658160085155
sync.srv.stackadapt.com/	1970-01-20 13:21:36	Name: sa-user-id Value: s%3A0-9f1f68ce-f9de-4a56-65d0-dcfc11095346.KiUQ027Tiky3H0aWrFCVHGeSQ8RP2zMdA7pKkKQVrz8
.srv.stackadapt.com/	1970-01-20 13:21:36	Name: sa-user-id-v2 Value: s%3Anx9ozvneSlZl0Nz8EQlTRpU4mbg.Ik8uu4Sfj1gSgEishbDpJD40USUo95tmAwTL9q8UyFg
.infolinks.com/	1970-01-20 06:45:36	Name: SOVRNUSERCOOKIE Value: E_zhaLZHj_4-UmqGTAy5lbzf
.infolinks.com/	1970-01-20 06:45:36	Name: ZTUSERCOOKIE Value: 969751681128638854
.taboola.com/	1970-01-20 13:21:36	Name: t_gid Value: fd279604-bb3e-4a96-a780-51d60756b961-tuct9cf0955
www.threatminer.org/	1970-01-20 04:37:26	Name: pmtimesig Value: [[1658160085254,0]]
.bidswitch.net/	1970-01-20 13:21:36	Name: tuuid Value: 73380c73-8db9-486a-b2a2-ae6621273880
.bidswitch.net/	1970-01-20 13:21:36	Name: c Value: 1658160085
.bidswitch.net/	1970-01-20 13:21:36	Name: tuuid_lu Value: 1658160085
.cpx.to/	1970-01-20 13:21:36	Name: cpSess Value: 44b2f2be3cdbd870
.cpx.to/	1970-01-20 13:21:36	Name: dsp_app_nexus Value: 2103653450280440149#1658160085248
.simpli.fi/	1970-01-20 13:23:02	Name: suid Value: D300CEEF4E4F4B6B9061CC65F3EC7F60
.targeting.unrulymedia.com/	1970-01-20 13:21:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005%22%7D
.infolinks.com/	1970-01-20 06:45:36	Name: OUTHUSERCOOKIE Value: y-8XE4HWRE2uG03x5kt9iM4E2G1.I1VveQ~A
.amazon-adsystem.com/	1970-01-20 10:46:04	Name: ad-id Value: A5ViVGL0tUBKtAYwoM4N7Go
.amazon-adsystem.com/	1970-01-22 02:13:26	Name: ad-privacy Value: 0
.infolinks.com/	1970-01-20 06:45:36	Name: KADUSERCOOKIE Value: 857B58C0-1D30-480A-8DF6-C52A0204B419~1658167861615
.doubleclick.net/	1970-01-20 22:07:12	Name: IDE Value: AHWqTUmTda39MlSjwtSHcrc2RTaC1f75A1xGFBDr03cfSipeLLds4yXdtE-D0d185KY
.infolinks.com/	1970-01-20 06:45:36	Name: R1USERCOOKIE Value: RX-40b6749b-6f6f-44c8-bd9e-7db470ca8249-005
.mathtag.com/	1970-01-20 14:01:55	Name: uuid Value: d47b62d5-83d5-4b00-a34c-27126a11af59
.infolinks.com/	1970-01-20 06:45:36	Name: ZMNUSERCOOKIE Value: LoNgUlNCh_6w1Ya2HBrW
data.ad-score.com/	1970-01-22 00:25:04	Name: token Value: UrnXFYFXVEkYJ-xt0q-YWXNtOnukiqyl
.threatminer.org/	1970-01-20 04:38:52	Name: fc Value: %7B%22OTl-MTg0OQ%22%3A%221%3A1658160085959%22%7D
.threatminer.org/	1970-01-20 04:38:52	Name: pv Value: %7B%22d%22%3A%221%3A1658160085960%22%7D
.pubmatic.com/	1970-01-20 04:37:26	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-20 06:45:36	Name: chkChromeAb67Sec Value: 3
.infolinks.com/	1970-01-20 06:45:36	Name: PUBMUSERCOOKIE Value: 857B58C0-1D30-480A-8DF6-C52A0204B419
.rubiconproject.com/	1970-01-20 13:21:36	Name: khaos Value: L5QXPB38-25-18O2
.tapad.com/	1970-01-20 06:02:24	Name: TapAd_TS Value: 1658160086462
.tapad.com/	1970-01-20 06:02:24	Name: TapAd_DID Value: e985233e-0b71-41eb-b1df-cd55d35de6c6
.adsrvr.org/	1970-01-20 13:21:36	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsIvo6gyJm49DoQBRIUCgV0YXBhZBILCPC7ptaZuPQ6EAUYASABKAIyCwjws6mDsLj0OhAFOAFaBXRhcGFkYAI.
.rlcdn.com/	1970-01-20 13:21:36	Name: rlas3 Value: UlRuRKO7lFTiZSAcwv2oMOVObXhNLTTyWidMAD2cwZs=
.rlcdn.com/	1970-01-20 06:02:24	Name: pxrc Value: CNaH1pYGEgYIkLwrEAA=
.rubiconproject.com/	1970-01-20 13:21:36	Name: audit Value: 1\|T3Hz6ST5fjJhiRC9zwOoQeDA/DdR8Fq40hR4nQJv0A8eECEUBMheiopad/csI5drjfFRfL0niwHqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:07:53	Name: bcookie Value: "v=2&f67342ad-5f13-4c14-8981-f7d17b859e56"
.linkedin.com/	1970-01-20 04:37:26	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2710:u=1:x=1:i=1658160086:t=1658246486:v=2:sig=AQF1cgJEEhNy_BiwDH0EllSTIZPZj7vJ"
.adnxs.com/	1970-01-20 06:45:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUkN)H1@!@wnfH8K6pQK`!5=E<*L5?%K91+o-I1I2i:.x^2X.AF=9ib(x$?[+qz`>xJn%nugO%v4VB%nluM)sqZk
.casalemedia.com/	1970-01-20 06:45:36	Name: CMTS Value: 088
.dotomi.com/	1970-01-20 04:36:00	Name: DotomiTest Value: 6a044983b801228
.dyntrk.com/	1970-01-20 13:21:36	Name: dyn_u Value: 04030002_62d583d729f5e
.media.net/	1970-01-20 13:21:36	Name: visitor-id Value: 3011616871455212000V10
.media.net/	1970-01-20 04:56:09	Name: data-g Value: CAESEBNqj_81MI8f2T1exL28iko~~3
.adkernel.com/	1970-01-20 05:19:12	Name: ADKUID Value: A105239681445290219
.tribalfusion.com/	1970-01-20 06:45:36	Name: ANON_ID Value: aTnseFNj6WkCyhURALhZbClsyMvZa3T7pQEtPDU5nTwqVvvdSFArJHR9AUeni3ZaoaVgoySeZb4xFfYt3aAcf0a8
.e-volution.ai/	1970-01-20 04:56:09	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 05:19:12	Name: ADKUID Value: A105239681445290219
.tapad.com/	1970-01-20 06:02:24	Name: TapAd_3WAY_SYNCS Value: 1!4792-2!4792

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
abs.twimg.com
ad.360yield.com
adservice.google.ca
adservice.google.com
ap.lijit.com
api.intentiq.com
b1sync.zemanta.com
c.us1.dyntrk.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cs.media.net
d.adroll.com
data.ad-score.com
dclk-match.dotomi.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hde.tynt.com
i.creativecommons.org
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
js.ad-score.com
licensebuttons.net
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.casalemedia.com
resources.infolinks.com
router.infolinks.com
rt3043.infolinks.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
syndication.twitter.com
token.rubiconproject.com
ton.twimg.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.threatminer.org
x.bidswitch.net
104.18.18.126
104.18.19.126
104.244.42.8
104.36.115.109
107.178.246.49
13.226.39.8
13.226.39.84
130.211.115.4
141.226.224.48
142.250.65.162
142.251.40.162
15.235.43.120
162.248.18.11
172.66.41.9
172.66.42.247
174.137.133.49
184.50.205.90
199.127.204.142
199.38.167.131
2001:4860:4802:32::178
209.54.182.161
216.200.232.249
23.192.31.127
23.52.167.93
23.92.190.68
2600:1f18:4e9:5a02:7d05:5db0:2d53:4868
2600:9000:21da:2600:a:deb0:3380:93a1
2606:2800:21f:5b71:3e29:d001:be46:4bcc
2606:2800:21f:c0ec:d236:5e26:ab36:2d30
2606:2800:220:1410:489:141e:20bb:12f6
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::6814:9710
2606:4700:20::681a:5d6
2606:4700:20::681a:eeb
2606:4700:4400::ac40:98f5
2606:ae80:1451:22::730
2607:f8b0:4006:809::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2006
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:823::2001
2620:1ec:21::14
3.208.212.45
3.225.126.23
34.117.239.71
34.206.232.206
34.234.174.195
35.190.60.146
35.211.178.172
35.244.159.8
35.71.131.137
51.222.239.230
52.116.221.248
52.223.22.214
52.45.33.138
52.94.223.37
67.202.105.23
67.202.105.34
68.67.179.122
68.67.181.211
69.166.1.10
69.173.151.100
70.42.32.223
8.28.7.84
8.43.72.97
99.80.58.206
037a0d186faaac251c172199432d7ae417c92d92ad63380a94a2f51ddd7a6612
058b7f33a61ef0de50995d1e74f6d171f0923c3305824a47bf588c6c4cf2fd8a
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df35dc4906a0b5425ab3e2dd3e7b4aee3c01734f8966c3f38aade193df6bbca
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13da23e323658067823edcbc9f6033522a57cbe4325eb72470ab93f6c77f5c38
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17d8be269a7c8c056019540e8184e4c95d349ff3d80253bd43923621b31f8d41
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1d911b751cd99075ed5ea3e9315645314fe0e1254a321d2b545b19a6652d951a
1de1b94f2eb27f99f30e3a3afdfc9db5333cca95520d2342b73ee5db60fd8bae
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
1f7d17cbad41672bc5c1a54054125adae853880adc5a644b544c805b1ab31888
2309907d3bc859fa64e8155ff293f450c595760d28413d5b33f810fd8baa40ba
26178f6915e0ed71ecd377899de1394d1961bb5aa8ae8fda3e24bfbb84140374
28350b1ee2c38c7a5eb134d520dedd01ab578d81c2ebe814e63e5d212c6ab1f1
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29070b793b2232697084674a7d43185e557cb0ac536db29b206ff8f7e93e6882
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f881678cd7ea23247e6eb88a0c774d01ff6107c5c827d4efcf4068f9247e2de
31800a391f8100888d086e116f8e379cff34d135fa650fbf571070f6f11bb2d5
33b5c77a1a7f7708db2e291f8ab3ee9d37897375701d04be14ad48fa26650aa8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b
3b09c4265e2034681aea0315c2b19a24b603c62f53b3ea95cd28d86d97298754
3d56f2bc68d9d190a05df1dc24bd2653eaff3c20660fa4e8b4fda71ebd8ada64
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
488a66c0da8f8bae60746ab1a661bb27f0a98f57257e191ed317e2e176ab130b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49812b3dba48031423f0b9646344394167b607398857297c74a5c8ca5a2ea17e
4a2266339c6f702080a356cb4823f95f42dfb25eb49dc3b5f6d56711761379a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a
4e5b21b835aaffe82018bd0f5266769946e3206ea181352c6215ecfbfc7ea747
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d
558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5758b2da00946327bdfc67f4f7581905ddeb02d077e25499015bd1d5dddff693
5a7b3090bd9f8835e6add21f9c4e519a19af8fcedb40d3e9488d0e5e23a2fe36
5d502f1ae618be2d98cf4b6e4be84089704eccfa8b01199bdffcd366aeafff24
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f82d10b244c0811546fce6bc98e767655bceee2b7f41c6b41aef2e630a1ace8
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
605eefd6f113ffc50e197d237861a4fbfefc52a781370ed5ad047e2e32632091
60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273
6101174ba6bad0042600262c2ef92379addadae159d413d54c92a8d8eb5001c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
70f157c3fb7e1d05c83d4f8f269d9c6b67203e37863329eefc5202b97af308cc
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74
7eb0a8df21d2aa9f51970e9b5f2ba600511373d1d732e1ac07ee5ec2dd135dd4
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
850511cd8936e943f56a7f93e8772b9975bd569825b3523c6119163567fd6161
85b0bab835f1c9d35073860412074c375c341a1fc9f1f51e12b0931cc58438a0
86787b8b795723ffc526ce4670bbeeb5e625969fc4f4c43efbdaf4b412d4b896
87142f934cfae0717a0d28f1c2393c09fddbf582458a3c1900e208806fe2d480
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a9eeebdd3525e91aa7fdb4b25046a7ea7c387bf4ba72b4e4a6d099231915570
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c
8fa14d855d9d9b94c672dcbadfe5a8de3d60e036ccda9be73bc1434f0c0c01ab
91b4ac439a88193b25a302f46fc9a2b0c5455ca4b1f30b7406a541fbc6201200
91ccad943b75171869dacbe5c42de58887b92a1d9fbc567651ade87e7193984d
934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
956eaa7438776d93a61d40d80717ad1ec60449ee7fe81c70166d0aff9fe6bb01
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
967e6da5d7c3c1c267d3677a9c4b157b622e598e290e3bd0751d278457e81776
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
97f9b7cab9096a1f281f549f2933f26d0421725999c1c0b663d18a27ec602954
990b558d5caf59c6a1e9f696a9b69f9843efda120b1bedda8930b14f1b1fe742
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df
999a740fc678f340320d75cf6083acc26c1d005b81d6819cc3af4598b328d503
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac23973c319ae64c627c297c301861412d27ac92543cc79d4be7d20872be618
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b
a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f
aab2bc0c21b96bbb3ea7edb7be9a082bd0ebcca250b809728adc8c55ae01b7d9
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afffc2f9ff0ed0df74d2308d3308830f07b63bd1dd546a35d6fd7e17f74533b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
bb736b48143a122a9a15b8941e373c449d28b7d7db962b9446d47a0503a7d0d6
bdb581fa06f3f03a95aabe175a9d30c381faaf15cc34c35a0ff4c5cc13c45f48
be8560d8fe8c0b87b5a24c03793d4f2f6647087ae2d8cff5c065b13a41f2b590
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0
c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd0fb5005d7e9a84f0c3823c930a2480a8b6f169b6f2d9fd21b55343e1af9a22
ce0da28926071b06a8550b80892a47e775506aaba82485a78a21ceb81e48b764
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2
dada584d793ffc15c23d2aed13eee4c4e652b7ab4151638aa884907d5d06c3cc
dc23d030aab03ca2b0517106a73589f2e7a005ba7ce25387ac61a8302792a27c
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e
eb1d647e7832496154b78c2e32299f4da0f8a2764411c5f748e846a9b85bad95
ecd4aa0319777daf315b9f1ca50fa605f4c69b26e2f8ad482b672cdfd36c744b
ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000
ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e
edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef
f240413e2515a7a7894c491fa48edd0a39f159c0b55804301094ed1b9ae21a48
f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004
f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5
fa8fe8f3b53ea62c1c66afb46a7da8bae3e4bbc322963e69aaac076ed49997e1
fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

www.threatminer.org Open in urlscan Pro 2606:4700:20::681a:eeb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

75 %HTTPS

32 %IPv6

54 Domains

84 Subdomains

41 IPs

4 Countries

3316 kBTransfer

7993 kBSize

96 Cookies

10 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.threatminer.org Open in urlscan Pro
2606:4700:20::681a:eeb Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

75 %
HTTPS

32 %
IPv6

54
Domains

84
Subdomains

41
IPs

4
Countries

3316 kB
Transfer

7993 kB
Size

96
Cookies

205 HTTP transactions
5 data transactions